CVE-2007-4349

2008-10-2322:00:01

[email protected]

web.nvd.nist.gov

performance agent

openview

denial of service

rpc

security vulnerability

cve-2007-4349

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.068 Low

EPSS

Percentile

93.9%

JSON

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

Affected configurations

NVD

Node

hpopenview_performance_agentMatchc.04.60

hpopenview_performance_agentMatchc.04.61

hpopenview_reporterMatch3.70

hpperformance_agentMatch4.70

hpreporterMatch3.8

CPENameOperatorVersion
hp:openview_performance_agenthp openview performance agenteqc.04.60
hp:openview_performance_agenthp openview performance agenteqc.04.61
hp:openview_reporterhp openview reportereq3.70
hp:performance_agenthp performance agenteq4.70
hp:reporterhp reportereq3.8

CPE	Name	Operator	Version
hp:openview_performance_agent	hp openview performance agent	eq	c.04.60
hp:openview_performance_agent	hp openview performance agent	eq	c.04.61
hp:openview_reporter	hp openview reporter	eq	3.70
hp:performance_agent	hp performance agent	eq	4.70
hp:reporter	hp reporter	eq	3.8