CVE-2007-2281

CWE-1893 documents3 sources

Severity

10.0CRITICAL

EPSS

7.1%

top 8.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openview Storage Data Protector

Timeline

PublishedDec 18

Latest updateMay 1

Description

Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/openview_storage_data_protector5.50, 6.0+1

Patches

Patch: securitytracker.com ↗Patch: securitytracker.com ↗

🔴Vulnerability Details

GHSA

GHSA-43gr-pj36-rwvj: Integer overflow in the _ncp32↗2022-05-01

▶

CVEList

CVE-2007-2281: Integer overflow in the _ncp32↗2009-12-18

▶