CVE-2007-0139

4 documents4 sources

Severity

7.5HIGH

EPSS

1.0%

top 23.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openvms

Timeline

PublishedJan 9

Latest updateMay 3

Description

Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDhp/openvms7.3, 7.3_2+1

Patches

Patch: ftp.itrc.hp.com ↗Patch: ftp.itrc.hp.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-m84r-j38v-vmgw: Unspecified vulnerability in the DECnet-Plus 7↗2022-05-03

▶

CVEList

CVE-2007-0139: Unspecified vulnerability in the DECnet-Plus 7↗2007-01-09

▶

💥Exploits & PoCs

Exploit-DB

LoudBlog 0.6.1 - 'parsedpage' Remote Code Execution↗2008-01-06

▶