Stack-based Buffer Overflow in HP OpenView Storage Data Protector
CVE-2007-2280

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 18 December 2009

Summary

A stack-based buffer overflow vulnerability exists in the OmniInet.exe daemon, part of the Application Recovery Manager in HP OpenView Storage Data Protector. This flaw can be exploited by remote attackers sending a specially crafted MSG_PROTOCOL command containing long arguments. If successfully exploited, this vulnerability could enable attackers to execute arbitrary code on the affected system, compromising its integrity and security. The affected versions include 5.50 and 6.0.

References

http://www.zerodayinitiative.com/advisories/ZDI-09-099/

x_refsource_MISC

http://www.securityfocus.com/bid/37396

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=126106261622540&w=2

vendor-advisoryx_refsource_HP

EPSS Score

74% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 18, 2009