Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4349

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4349
Last Modified 14 Jun 2011 12:00:00
Published 23 Oct 2008 06:00:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4349

Summary

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

Vulnerable Systems

Application

  • Hp Openview Performance Agent C.04.60

  • Hp Openview Performance Agent C.04.61

  • Hp Openview Report 3.70

  • Hp Openview Reporter 3.70

  • Hp Performance Agent 4.70

  • Hp Reporter 3.8


References

BID - 31860

XF - ov-traceservice-rpc-dos(46028)

VUPEN - ADV-2008-2888

SECTRACK - 1021092

BUGTRAQ - 20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service

SREASON - 4501

MISC - http://secunia.com/secunia_research/2007-83/

SECUNIA - 27054

HP - HPSBMA02390

HP - HPSBMA02391

HP - SSRT071481


Last Updated: 27 May 2016 10:47:26