CVE-2007-2281 Information

Description

Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.

Reference

http://dvlabs.tippingpoint.com/advisory/TPTI-09-15 http://marc.info/?l=bugtraq&m=126106261622540&w=2 http://securitytracker.com/id?1023361 http://www.securityfocus.com/bid/37386 http://www.vupen.com/english/advisories/2009/3594