cvelistv5 - cve-2007-3872

CVE-2007-3872 (GCVE-0-2007-3872)

Vulnerability from cvelistv5 – Published: 2007-08-09 20:00 – Updated: 2024-08-07 14:37

Summary

Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/25255	vdb-entryx_refsource_BID
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.vupen.com/english/advisories/2007/2841	vdb-entryx_refsource_VUPEN
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://www.securitytracker.com/id?1018548	vdb-entryx_refsource_SECTRACK
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/26394	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:04.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT061260",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
          },
          {
            "name": "hp-openview-ovtrace-bo(35928)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
          },
          {
            "name": "25255",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25255"
          },
          {
            "name": "HPSBMA02244",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
          },
          {
            "name": "HPSBMA02237",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
          },
          {
            "name": "HPSBMA02246",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
          },
          {
            "name": "HPSBMA02242",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
          },
          {
            "name": "HPSBMA02241",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
          },
          {
            "name": "20070809 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
          },
          {
            "name": "ADV-2007-2841",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2841"
          },
          {
            "name": "HPSBMA02240",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
          },
          {
            "name": "HPSBMA02235",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
          },
          {
            "name": "HPSBMA02239",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
          },
          {
            "name": "1018548",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018548"
          },
          {
            "name": "HPSBMA02245",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
          },
          {
            "name": "HPSBMA02238",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
          },
          {
            "name": "HPSBMA02236",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
          },
          {
            "name": "26394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSRT061260",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
        },
        {
          "name": "hp-openview-ovtrace-bo(35928)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
        },
        {
          "name": "25255",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25255"
        },
        {
          "name": "HPSBMA02244",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
        },
        {
          "name": "HPSBMA02237",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
        },
        {
          "name": "HPSBMA02246",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
        },
        {
          "name": "HPSBMA02242",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
        },
        {
          "name": "HPSBMA02241",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
        },
        {
          "name": "20070809 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
        },
        {
          "name": "ADV-2007-2841",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2841"
        },
        {
          "name": "HPSBMA02240",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
        },
        {
          "name": "HPSBMA02235",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
        },
        {
          "name": "HPSBMA02239",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
        },
        {
          "name": "1018548",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018548"
        },
        {
          "name": "HPSBMA02245",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
        },
        {
          "name": "HPSBMA02238",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
        },
        {
          "name": "HPSBMA02236",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
        },
        {
          "name": "26394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3872",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSRT061260",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
            },
            {
              "name": "hp-openview-ovtrace-bo(35928)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
            },
            {
              "name": "25255",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25255"
            },
            {
              "name": "HPSBMA02244",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
            },
            {
              "name": "HPSBMA02237",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
            },
            {
              "name": "HPSBMA02246",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
            },
            {
              "name": "HPSBMA02242",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
            },
            {
              "name": "HPSBMA02241",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
            },
            {
              "name": "20070809 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
            },
            {
              "name": "ADV-2007-2841",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2841"
            },
            {
              "name": "HPSBMA02240",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
            },
            {
              "name": "HPSBMA02235",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
            },
            {
              "name": "HPSBMA02239",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
            },
            {
              "name": "1018548",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018548"
            },
            {
              "name": "HPSBMA02245",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
            },
            {
              "name": "HPSBMA02238",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
            },
            {
              "name": "HPSBMA02236",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
            },
            {
              "name": "26394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3872",
    "datePublished": "2007-08-09T20:00:00",
    "dateReserved": "2007-07-18T00:00:00",
    "dateUpdated": "2024-08-07T14:37:04.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*\", \"versionEndIncluding\": \"a.07.50\", \"matchCriteriaId\": \"70E6F165-10B5-47C9-A736-A75A2987D9A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"a.07.50\", \"matchCriteriaId\": \"92A3BB70-2E4B-4217-A039-3B227F4FD191\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos de b\\u00fafer basados en pila en el servicio Shared Trace Service (OVTrace) para el HP OpenView Operations A.07.50 bajo Windows y, posiblemente, versiones anteriores, permiten a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de ciertas peticiones manipuladas.\"}]",
      "id": "CVE-2007-3872",
      "lastModified": "2024-11-21T00:34:16.730",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-08-09T20:17:00.000",
      "references": "[{\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/26394\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/25255\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1018548\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2841\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35928\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://secunia.com/advisories/26394\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/25255\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1018548\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2841\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35928\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3872\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-08-09T20:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer basados en pila en el servicio Shared Trace Service (OVTrace) para el HP OpenView Operations A.07.50 bajo Windows y, posiblemente, versiones anteriores, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ciertas peticiones manipuladas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*\",\"versionEndIncluding\":\"a.07.50\",\"matchCriteriaId\":\"70E6F165-10B5-47C9-A736-A75A2987D9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"a.07.50\",\"matchCriteriaId\":\"92A3BB70-2E4B-4217-A039-3B227F4FD191\"}]}]}],\"references\":[{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/26394\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/25255\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018548\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2841\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35928\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/26394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018548\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2007-AVI-351

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs applications de HP OpenView sont vulnérables à un débordement de mémoire.

Description

Un service partagé par plusieurs applications est vulnérable à un débordement de mémoire, ce qui rend les logiciels l'utilisant vulnérables. Un utilisateur malintentionné pourrait exploiter ces failles pour exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symfony	process	HP OpenView Service Desk Process Insight (SDPI) 2.x ;
N/A	N/A	HP OpenView Network Node Manager (NNM) 6.x ;
Symfony	process	HP Service Desk Process Insight (HPSDPI) 2.x.
Symfony	process	HP OpenView Business Process Insight (OVBPI) 2.x ;
N/A	N/A	HP OpenView Network Node Manager (NNM) 7.x ;
Microsoft	Windows	HP OpenView Operations Manager for Windows (OVOW) 7.x ;
Symfony	process	HP Business Process Insight (HPBPI) 2.x ;
Symfony	process	HP OpenView Service Desk Process Insight (SDPI) 1.x ;
Symfony	process	HP Service Desk Process Insight (HPSDPI) 1.x ;
N/A	N/A	HP OpenView Performance Manager (OVPM) 6.x ;
Broadcom	Reporter	HP OpenView Reporter 3.x ;
Symfony	process	HP OpenView Business Process Insight (OVBPI) 1.x ;
N/A	N/A	HP OpenView Performance Manager (OVPM) 5.x ;
Symfony	process	HP Business Process Insight (HPBPI) 1.x ;
N/A	N/A	HP OpenView Performance Insight (OVPI) 5.x ;
Symfony	N/A	HP OpenView Operations HTTPS Agent 8.x ;
Symfony	N/A	HP OpenView Internet Service (OVIS) 6.x ;
Symfony	N/A	HP OpenView Dashboard 2.x ;
N/A	N/A	HP OpenView Service Quality Manager (OV SQM) 1.x ;
N/A	N/A	HP OpenView Performance Agent ;

References

Title

Publication Time

Tags

Bulletins de sécurité HP HPSBMA02235 à HPSBMA002246 du 07 août 2007	None	vendor-advisory
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Référence CVE CVE2007-3872:	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP OpenView Service Desk Process Insight (SDPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Network Node Manager (NNM) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Service Desk Process Insight (HPSDPI) 2.x.",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Business Process Insight (OVBPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Network Node Manager (NNM) 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Operations Manager for Windows (OVOW) 7.x ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "HP Business Process Insight (HPBPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Service Desk Process Insight (SDPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP Service Desk Process Insight (HPSDPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Manager (OVPM) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Reporter 3.x ;",
      "product": {
        "name": "Reporter",
        "vendor": {
          "name": "Broadcom",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Business Process Insight (OVBPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Manager (OVPM) 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Business Process Insight (HPBPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Insight (OVPI) 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Operations HTTPS Agent 8.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Internet Service (OVIS) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Dashboard 2.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Service Quality Manager (OV SQM) 1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Agent ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUn service partag\u00e9 par plusieurs applications est vuln\u00e9rable \u00e0 un\nd\u00e9bordement de m\u00e9moire, ce qui rend les logiciels l\u0027utilisant\nvuln\u00e9rables. Un utilisateur malintentionn\u00e9 pourrait exploiter ces\nfailles pour ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3872"
    }
  ],
  "links": [
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE2007-3872:",
      "url": "http://cve.mitre.org/cgi-bin/cvename.cgi.name=CVE-2007-3872"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
    }
  ],
  "reference": "CERTA-2007-AVI-351",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs applications de HP OpenView sont vuln\u00e9rables \u00e0 un d\u00e9bordement\nde m\u00e9moire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP OpenView",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-351

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs applications de HP OpenView sont vulnérables à un débordement de mémoire.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symfony	process	HP OpenView Service Desk Process Insight (SDPI) 2.x ;
N/A	N/A	HP OpenView Network Node Manager (NNM) 6.x ;
Symfony	process	HP Service Desk Process Insight (HPSDPI) 2.x.
Symfony	process	HP OpenView Business Process Insight (OVBPI) 2.x ;
N/A	N/A	HP OpenView Network Node Manager (NNM) 7.x ;
Microsoft	Windows	HP OpenView Operations Manager for Windows (OVOW) 7.x ;
Symfony	process	HP Business Process Insight (HPBPI) 2.x ;
Symfony	process	HP OpenView Service Desk Process Insight (SDPI) 1.x ;
Symfony	process	HP Service Desk Process Insight (HPSDPI) 1.x ;
N/A	N/A	HP OpenView Performance Manager (OVPM) 6.x ;
Broadcom	Reporter	HP OpenView Reporter 3.x ;
Symfony	process	HP OpenView Business Process Insight (OVBPI) 1.x ;
N/A	N/A	HP OpenView Performance Manager (OVPM) 5.x ;
Symfony	process	HP Business Process Insight (HPBPI) 1.x ;
N/A	N/A	HP OpenView Performance Insight (OVPI) 5.x ;
Symfony	N/A	HP OpenView Operations HTTPS Agent 8.x ;
Symfony	N/A	HP OpenView Internet Service (OVIS) 6.x ;
Symfony	N/A	HP OpenView Dashboard 2.x ;
N/A	N/A	HP OpenView Service Quality Manager (OV SQM) 1.x ;
N/A	N/A	HP OpenView Performance Agent ;

References

Title

Publication Time

Tags

Bulletins de sécurité HP HPSBMA02235 à HPSBMA002246 du 07 août 2007	None	vendor-advisory
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Référence CVE CVE2007-3872:	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other
Bulletins de sécurité HPSBMA02235 à HPSBMA002246 du 07 août 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP OpenView Service Desk Process Insight (SDPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Network Node Manager (NNM) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Service Desk Process Insight (HPSDPI) 2.x.",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Business Process Insight (OVBPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Network Node Manager (NNM) 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Operations Manager for Windows (OVOW) 7.x ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "HP Business Process Insight (HPBPI) 2.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Service Desk Process Insight (SDPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP Service Desk Process Insight (HPSDPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Manager (OVPM) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Reporter 3.x ;",
      "product": {
        "name": "Reporter",
        "vendor": {
          "name": "Broadcom",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Business Process Insight (OVBPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Manager (OVPM) 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Business Process Insight (HPBPI) 1.x ;",
      "product": {
        "name": "process",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Insight (OVPI) 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Operations HTTPS Agent 8.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Internet Service (OVIS) 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Dashboard 2.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symfony",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Service Quality Manager (OV SQM) 1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP OpenView Performance Agent ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUn service partag\u00e9 par plusieurs applications est vuln\u00e9rable \u00e0 un\nd\u00e9bordement de m\u00e9moire, ce qui rend les logiciels l\u0027utilisant\nvuln\u00e9rables. Un utilisateur malintentionn\u00e9 pourrait exploiter ces\nfailles pour ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3872"
    }
  ],
  "links": [
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE2007-3872:",
      "url": "http://cve.mitre.org/cgi-bin/cvename.cgi.name=CVE-2007-3872"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
    },
    {
      "title": "Bulletins de s\u00e9curit\u00e9 HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt    2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
    }
  ],
  "reference": "CERTA-2007-AVI-351",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs applications de HP OpenView sont vuln\u00e9rables \u00e0 un d\u00e9bordement\nde m\u00e9moire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP OpenView",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP HPSBMA02235 \u00e0 HPSBMA002246 du 07 ao\u00fbt 2007",
      "url": null
    }
  ]
}

GSD-2007-3872

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-3872

Aliases

CVE-2007-3872

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3872",
    "description": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.",
    "id": "GSD-2007-3872",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2007-3872"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3872"
      ],
      "details": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.",
      "id": "GSD-2007-3872",
      "modified": "2023-12-13T01:21:42.393661Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3872",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "SSRT061260",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
          },
          {
            "name": "hp-openview-ovtrace-bo(35928)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
          },
          {
            "name": "25255",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/25255"
          },
          {
            "name": "HPSBMA02244",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
          },
          {
            "name": "HPSBMA02237",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
          },
          {
            "name": "HPSBMA02246",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
          },
          {
            "name": "HPSBMA02242",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
          },
          {
            "name": "HPSBMA02241",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
          },
          {
            "name": "20070809 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
          },
          {
            "name": "ADV-2007-2841",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2841"
          },
          {
            "name": "HPSBMA02240",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
          },
          {
            "name": "HPSBMA02235",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
          },
          {
            "name": "HPSBMA02239",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
          },
          {
            "name": "1018548",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018548"
          },
          {
            "name": "HPSBMA02245",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
          },
          {
            "name": "HPSBMA02238",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
          },
          {
            "name": "HPSBMA02236",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
          },
          {
            "name": "26394",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26394"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "a.07.50",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "a.07.50",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3872"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070809 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "tags": [
                "Patch"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
            },
            {
              "name": "HPSBMA02235",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
            },
            {
              "name": "HPSBMA02237",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
            },
            {
              "name": "HPSBMA02238",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
            },
            {
              "name": "HPSBMA02239",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
            },
            {
              "name": "HPSBMA02240",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
            },
            {
              "name": "HPSBMA02241",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
            },
            {
              "name": "HPSBMA02242",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
            },
            {
              "name": "HPSBMA02244",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
            },
            {
              "name": "HPSBMA02245",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
            },
            {
              "name": "HPSBMA02246",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
            },
            {
              "name": "25255",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/25255"
            },
            {
              "name": "1018548",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018548"
            },
            {
              "name": "26394",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26394"
            },
            {
              "name": "SSRT061260",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
            },
            {
              "name": "ADV-2007-2841",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2841"
            },
            {
              "name": "hp-openview-ovtrace-bo(35928)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-29T01:32Z",
      "publishedDate": "2007-08-09T20:17Z"
    }
  }
}

GHSA-7HP2-WG9M-CM55

Vulnerability from github – Published: 2022-05-01 18:18 – Updated: 2022-05-01 18:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3872"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-08-09T20:17:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.",
  "id": "GHSA-7hp2-wg9m-cm55",
  "modified": "2022-05-01T18:18:09Z",
  "published": "2022-05-01T18:18:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3872"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26394"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/25255"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018548"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2841"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-3872

Vulnerability from fkie_nvd - Published: 2007-08-09 20:17 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574	Patch
cve@mitre.org	http://secunia.com/advisories/26394
cve@mitre.org	http://www.securityfocus.com/bid/25255
cve@mitre.org	http://www.securitytracker.com/id?1018548
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2841
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35928
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26394
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25255
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018548
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2841
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35928

Impacted products

	Vendor	Product	Version
	hp	openview_operations	*
	hp	shared_trace_service	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hp:openview_operations:*:*:windows:*:*:*:*:*",
              "matchCriteriaId": "70E6F165-10B5-47C9-A736-A75A2987D9A2",
              "versionEndIncluding": "a.07.50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:shared_trace_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A3BB70-2E4B-4217-A039-3B227F4FD191",
              "versionEndIncluding": "a.07.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el servicio Shared Trace Service (OVTrace) para el HP OpenView Operations A.07.50 bajo Windows y, posiblemente, versiones anteriores, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ciertas peticiones manipuladas."
    }
  ],
  "id": "CVE-2007-3872",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-09T20:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26394"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018548"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2841"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35928"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-3872 (GCVE-0-2007-3872)

CERTA-2007-AVI-351

Description

Solution

CERTA-2007-AVI-351

Description

Solution

GSD-2007-3872

GHSA-7HP2-WG9M-CM55

FKIE_CVE-2007-3872

Tags

Sightings

Nomenclature