Integer Overflow Vulnerability in HP OpenView Storage Data Protector
CVE-2007-2281

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 18 December 2009

Summary

The vulnerability stems from an integer overflow in the _ncp32._NtrpTCPReceiveMsg function found in rds.exe within the Cell Manager Database Service of HP OpenView Storage Data Protector. This flaw allows remote attackers to exploit the size parameter by sending an excessively large value, potentially enabling them to execute arbitrary code on the affected system. If unpatched, this could lead to significant security breaches affecting the integrity and confidentiality of data managed by the service.

References

http://dvlabs.tippingpoint.com/advisory/TPTI-09-15

x_refsource_MISC

http://marc.info/?l=bugtraq&m=126106261622540&w=2

vendor-advisoryx_refsource_HP

http://marc.info/?l=bugtraq&m=126106261622540&w=2

vendor-advisoryx_refsource_HP

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 18, 2009