Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Apr 23, 2026

CVE-2007-0139

Description

Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM.

Affected products

HP/Openvms2 versions
cpe:2.3:a:hp:openvms:7.3_2:*:openvms_vax:*:*:*:*:*+ 1 more
- cpe:2.3:a:hp:openvms:7.3_2:*:openvms_vax:*:*:*:*:*
- cpe:2.3:a:hp:openvms:7.3:*:openvms_vax:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txtnvdPatch
ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txtnvdPatch
secunia.com/advisories/23636nvdPatchVendor Advisory
osvdb.org/32583nvd
osvdb.org/32584nvd
osvdb.org/32585nvd
osvdb.org/32586nvd
www.vupen.com/english/advisories/2007/0063nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000