CVE-2007-6195

EPSS 22.85%
Published 15.12.2007 01:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.

Affected products Warnungen 0 Metrics 2 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Hp-ux Version11.11

Hp ≫ Hp-ux Version11.23

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	22.85%	0.957

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/28087

Vendor Advisory

http://www.securityfocus.com/archive/1/485260/100/0/threaded

http://www.securityfocus.com/bid/26855

Patch

http://www.securitytracker.com/id?1019098

http://www.vupen.com/english/advisories/2007/4220

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-07-079.html

http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01294212-1

https://exchange.xforce.ibmcloud.com/vulnerabilities/39018

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5710

https://nvd.nist.gov/vuln/detail/CVE-2007-6195

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6195

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6195

EUVD