VDB
CVE-2007-0446
CVE-2007-0446
PUBLISHED
CVSS 10 CRITICAL
Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll.
EPSS 64.47% · 98.5th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
64.47%
98.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| hp | mercury_performance_center_agent | 8.1, 8.0 |
| hp | mercury_loadrunner_agent | 8.0, 8.1 |
| hp | mercury_monitor_over_firewall | 8.1 |
Timeline
- Feb 8, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 23, 2023 EPSS Score
- Apr 30, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 13, 2023 EPSS Score
References
- mercury-multiple-agent-bo(32390) vdb
- http://www.zerodayinitiative.com/advisories/ZDI-07-007.html url
- 1017612 vdb
- HPSBGN02187 vendor-advisory
- 33132 vdb
- R-123 third-party-advisory
- 20070208 ZDI-07-007: HP Mercury LoadRunner Agent Stack Overflow Vulnerability mailing-list
- VU#303012 third-party-advisory
- ADV-2007-0535 vdb
- 24112 third-party-advisory
- 1017613 vdb
- 22487 vdb
- 1017611 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2007-0446 advisory