Overview
- Description
- Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:5.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C114C6E6-0995-4449-BEBA-3247B88D8CFC"
},
{
"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2924E972-C490-4359-8E85-C5A4BDE088C4"
}
],
"operator": "OR"
}
]
}
]