CVE-2007-4349

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

El servicio Shared Trace (también se conoce como OVTrace) en HP Performance Agent versión C.04.70 (4.70), HP OpenView Performance Agent versiones C.04.60 y C.04.61, HP Reporter versión 3.8 y HP OpenView Reporter versión 3.7 (Informe 3.70), permite a los atacantes remotos causar una denegación de servicio por medio de una serie no especificada de peticiones RPC (también se conoce como Mensajes de Eventos de Rastreo) que desencadena un acceso de memoria fuera de límites, relacionado con una referencia de objeto errónea.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-08-14 CVE Reserved
2008-10-22 CVE Published
2024-08-07 CVE Updated
2024-10-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
http://securityreason.com/securityalert/4501	Third Party Advisory
http://www.securityfocus.com/archive/1/497648/100/0/threaded	Mailing List
http://www.securitytracker.com/id?1021092	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/46028	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.securityfocus.com/bid/31860	2018-10-30

URL	Date	SRC
http://marc.info/?l=bugtraq&m=122876677518654&w=2	2018-10-30
http://marc.info/?l=bugtraq&m=122876827120961&w=2	2018-10-30
http://secunia.com/advisories/27054	2018-10-30
http://secunia.com/secunia_research/2007-83	2018-10-30
http://www.vupen.com/english/advisories/2008/2888	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Hp Search vendor "Hp"		Openview Performance Agent Search vendor "Hp" for product "Openview Performance Agent"				c.04.60 Search vendor "Hp" for product "Openview Performance Agent" and version "c.04.60"		-		Affected
Hp Search vendor "Hp"		Openview Performance Agent Search vendor "Hp" for product "Openview Performance Agent"				c.04.61 Search vendor "Hp" for product "Openview Performance Agent" and version "c.04.61"		-		Affected
Hp Search vendor "Hp"		Openview Reporter Search vendor "Hp" for product "Openview Reporter"				3.70 Search vendor "Hp" for product "Openview Reporter" and version "3.70"		-		Affected
Hp Search vendor "Hp"		Performance Agent Search vendor "Hp" for product "Performance Agent"				4.70 Search vendor "Hp" for product "Performance Agent" and version "4.70"		-		Affected
Hp Search vendor "Hp"		Reporter Search vendor "Hp" for product "Reporter"				3.8 Search vendor "Hp" for product "Reporter" and version "3.8"		-		Affected