Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
Conclusion & alert: CVE-2007-2246 is rated Moderate Risk (61.1/100): CVSS High severity, with medium exploitation likelihood (EPSS 2.60%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-12-12 | 2.50% | 2.60% | +0.10% |
| 2 | 2025-09-01 | 2.27% | 2.50% | +0.23% |
| 3 | 2025-03-30 | — | 2.27% | — |
Full EPSS history (13 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.8 | 2.0 | HIGH |
|
10.0 | 6.9 | [email protected] |
| URL | Tags |
|---|---|
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00841370 | |
| http://secunia.com/advisories/24990 | Patch Vendor Advisory |
| http://www.kb.cert.org/vuls/id/349305 | US Government Resource |
| http://www.securityfocus.com/bid/23606 | |
| http://www.securitytracker.com/id?1017966 | |
| http://www.vupen.com/english/advisories/2007/1504 | Vendor Advisory |