{"api_version":"1","generated_at":"2026-05-13T04:15:01+00:00","cve":"CVE-2007-4349","urls":{"html":"https://cve.report/CVE-2007-4349","api":"https://cve.report/api/cve/CVE-2007-4349.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-4349","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-4349"},"summary":{"title":"CVE-2007-4349","description":"The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.","state":"PUBLISHED","assigner":"flexera","published_at":"2008-10-23 22:00:01","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://secunia.com/secunia_research/2007-83/","name":"http://secunia.com/secunia_research/2007-83/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Vulnerabilities - Secunia Research - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2","name":"http://marc.info/?l=bugtraq&m=122876827120961&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/497648/100/0/threaded","name":"http://www.securityfocus.com/archive/1/497648/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27054","name":"http://secunia.com/advisories/27054","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"HP OpenView Products Shared Trace Service Denial of Service - Secunia Advisories - Vulnerability Intelligence - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2008/2888","name":"http://www.vupen.com/english/advisories/2008/2888","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/31860","name":"http://www.securityfocus.com/bid/31860","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"HP OpenView Products Shared Trace Service RPC Request Handling Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id?1021092","name":"http://www.securitytracker.com/id?1021092","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"HP OpenView Reporter, Network Node Manager, and Performance Agent Trace Service Memory Error Lets Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=122876677518654&w=2","name":"http://marc.info/?l=bugtraq&m=122876677518654&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46028","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46028","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/4501","name":"http://securityreason.com/securityalert/4501","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"HP OpenView Products Shared Trace Service Denial of Service - CXSecurity.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-4349","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-4349","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"4349","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_performance_agent","cpe6":"c.04.60","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4349","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_performance_agent","cpe6":"c.04.61","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4349","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"openview_reporter","cpe6":"3.70","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4349","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"performance_agent","cpe6":"4.70","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4349","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"reporter","cpe6":"3.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T14:53:55.597Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"4501","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/4501"},{"name":"HPSBMA02391","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=122876677518654&w=2"},{"name":"1021092","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1021092"},{"name":"ov-traceservice-rpc-dos(46028)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"},{"name":"27054","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27054"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://secunia.com/secunia_research/2007-83/"},{"name":"20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/497648/100/0/threaded"},{"name":"31860","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/31860"},{"name":"ADV-2008-2888","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/2888"},{"name":"HPSBMA02390","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"},{"name":"SSRT071481","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-10-22T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-15T20:57:01.000Z","orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera"},"references":[{"name":"4501","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/4501"},{"name":"HPSBMA02391","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=122876677518654&w=2"},{"name":"1021092","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1021092"},{"name":"ov-traceservice-rpc-dos(46028)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"},{"name":"27054","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27054"},{"tags":["x_refsource_MISC"],"url":"http://secunia.com/secunia_research/2007-83/"},{"name":"20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/497648/100/0/threaded"},{"name":"31860","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/31860"},{"name":"ADV-2008-2888","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/2888"},{"name":"HPSBMA02390","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"},{"name":"SSRT071481","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2007-4349","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"4501","refsource":"SREASON","url":"http://securityreason.com/securityalert/4501"},{"name":"HPSBMA02391","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=122876677518654&w=2"},{"name":"1021092","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1021092"},{"name":"ov-traceservice-rpc-dos(46028)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46028"},{"name":"27054","refsource":"SECUNIA","url":"http://secunia.com/advisories/27054"},{"name":"http://secunia.com/secunia_research/2007-83/","refsource":"MISC","url":"http://secunia.com/secunia_research/2007-83/"},{"name":"20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/497648/100/0/threaded"},{"name":"31860","refsource":"BID","url":"http://www.securityfocus.com/bid/31860"},{"name":"ADV-2008-2888","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/2888"},{"name":"HPSBMA02390","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"},{"name":"SSRT071481","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=122876827120961&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","assignerShortName":"flexera","cveId":"CVE-2007-4349","datePublished":"2008-10-23T21:00:00.000Z","dateReserved":"2007-08-14T00:00:00.000Z","dateUpdated":"2024-08-07T14:53:55.597Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2008-10-23 22:00:01","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_performance_agent:c.04.60:*:*:*:*:*:*:*","matchCriteriaId":"9374AB08-64F6-4376-BF01-652E88A7E050"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_performance_agent:c.04.61:*:*:*:*:*:*:*","matchCriteriaId":"15053C63-0407-422A-9E7B-591E336D6121"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:openview_reporter:3.70:*:*:*:*:*:*:*","matchCriteriaId":"380F0F94-E4D6-4630-AC10-C4D8922760A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:performance_agent:4.70:*:*:*:*:*:*:*","matchCriteriaId":"4B769539-D927-4086-9160-F162488F5337"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:reporter:3.8:*:*:*:*:*:*:*","matchCriteriaId":"2BCEDB40-6EC3-4F4F-A2E5-5B223AA58DDF"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"4349","Ordinal":"1","Title":"CVE-2007-4349","CVE":"CVE-2007-4349","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"4349","Ordinal":"1","NoteData":"The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.","Type":"Description","Title":"CVE-2007-4349"},{"CveYear":"2007","CveId":"4349","Ordinal":"2","NoteData":"2008-10-23","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"4349","Ordinal":"3","NoteData":"2018-10-15","Type":"Other","Title":"Modified"}]}}}