CVE-2007-2280

Name of the Vulnerable Software and Affected Versions HP OpenView Storage Data Protector versions 5.50 through 6.0

Description The issue is a stack-based buffer overflow in the OmniInet.exe component, which is part of the Application Recovery Manager. This occurs when the MSG PROTOCOL command is used with long arguments, allowing remote attackers to execute arbitrary code.

Recommendations For HP OpenView Storage Data Protector versions 5.50 through 6.0, consider restricting access to the OmniInet.exe component until a fix is available. As a temporary workaround, avoid using the MSG PROTOCOL command with long arguments to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.