Vulnerability Description
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Openview Storage Data Protector | 5.50 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=126106261622540&w=2
- http://securitytracker.com/id?1023361Patch
- http://www.securityfocus.com/bid/37396
- http://www.vupen.com/english/advisories/2009/3594
- http://www.zerodayinitiative.com/advisories/ZDI-09-099/Patch
- http://marc.info/?l=bugtraq&m=126106261622540&w=2
- http://securitytracker.com/id?1023361Patch
- http://www.securityfocus.com/bid/37396
- http://www.vupen.com/english/advisories/2009/3594
- http://www.zerodayinitiative.com/advisories/ZDI-09-099/Patch
FAQ
What is CVE-2007-2280?
CVE-2007-2280 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attack...
How severe is CVE-2007-2280?
CVE-2007-2280 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2280?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Openview Storage Data Protector.