CVE-2007-6195 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Hp-ux

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

22.8%

top 4.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Hp-ux

Timeline

PublishedDec 15

Latest updateMay 1

Description

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/hp-ux11.11, 11.23+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vc23-9q3p-jq7c: Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B↗2022-05-01

▶

CVEList

CVE-2007-6195: Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B↗2007-12-15

▶