Vulnerability Description
Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Openview Storage Data Protector | 5.50 |
Related Weaknesses (CWE)
References
- http://dvlabs.tippingpoint.com/advisory/TPTI-09-15
- http://marc.info/?l=bugtraq&m=126106261622540&w=2
- http://securitytracker.com/id?1023361Patch
- http://www.securityfocus.com/bid/37386
- http://www.vupen.com/english/advisories/2009/3594
- http://dvlabs.tippingpoint.com/advisory/TPTI-09-15
- http://marc.info/?l=bugtraq&m=126106261622540&w=2
- http://securitytracker.com/id?1023361Patch
- http://www.securityfocus.com/bid/37386
- http://www.vupen.com/english/advisories/2009/3594
FAQ
What is CVE-2007-2281?
CVE-2007-2281 is a vulnerability with a CVSS score of 10.0 (HIGH). Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and ...
How severe is CVE-2007-2281?
CVE-2007-2281 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2281?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Openview Storage Data Protector.