| CVE ID | CVE-2007-6195 |
| CVSS SCORE | |
| AFFECTED VENDORS |
Hewlett-Packard |
| AFFECTED PRODUCTS |
HP-UX |
| VULNERABILITY DETAILS |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP-UX operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function sw_rpc_agent_init (opcode 0x04) defined in swagentd. Specific malformed arguments can cause function pointers to be overwritten and thereby result in arbitrary code execution. |
| ADDITIONAL DETAILS |
Hewlett-Packard has issued an update to correct this vulnerability. More details can be found in HP document ID #SB2294r1. |
| DISCLOSURE TIMELINE |
|
| CREDIT | Tenable Network Security |
