CVE-2009-3849

🗓️ 10 Dec 2009 22:00:00Reported by hpType

cve

cve🔗 web.nvd.nist.gov👁 58 Views🌐 WEB

Buffer overflows in HP OpenView NNM 7.01, 7.51, 7.53 allow remote code execution.

Reporter	Title	Published	Views	Family All 20
Circl	CVE-2009-3849	11 Nov 201000:00	–	circl
Check Point Advisories	HP OpenView Network Node Manager snmp.exe Oid Variable Buffer Overflow (CVE-2009-3849)	2 Feb 201000:00	–	checkpoint_advisories
Check Point Advisories	Preemptive Protection against HP OpenView Network Node Manager snmp.exe Oid Variable Buffer Overflow Vulnerability	6 Jan 201000:00	–	checkpoint_advisories
Cvelist	CVE-2009-3849	10 Dec 200922:00	–	cvelist
d2	DSquare Exploit Pack: D2SEC_HPNNM3	10 Dec 200922:30	–	d2
Exploit DB	HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit)	11 Nov 201000:00	–	exploitdb
Tenable Nessus	HP-UX PHSS_40374 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 25	14 Dec 200900:00	–	nessus
Tenable Nessus	HP-UX PHSS_40375 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 25	14 Dec 200900:00	–	nessus
Tenable Nessus	HP-UX PHSS_40705 : s700_800 11.11 OV NNM7.01 Intermediate Patch 13	10 May 201000:00	–	nessus
Metasploit	HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow	12 Dec 200920:06	–	metasploit

NVD

Node

hp openview_network_node_managerMatch7.0.1hp_ux

OR

hp openview_network_node_managerMatch7.0.1linux

OR

hp openview_network_node_managerMatch7.0.1solaris

OR

hp openview_network_node_managerMatch7.0.1windows

OR

hp openview_network_node_managerMatch7.51-hp-ux

OR

hp openview_network_node_managerMatch7.51-linux

OR

hp openview_network_node_managerMatch7.51-solaris

OR

hp openview_network_node_managerMatch7.51-windows

OR

hp openview_network_node_managerMatch7.53-hp-ux

OR

hp openview_network_node_managerMatch7.53-linux

OR

hp openview_network_node_managerMatch7.53-solaris

OR

hp openview_network_node_managerMatch7.53-windows

Source	Link
securityfocus	www.securityfocus.com/bid/37299
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-09-097/
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/54654
securityfocus	www.securityfocus.com/archive/1/508348/100/0/threaded
marc	www.marc.info/
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-09-095/
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/54652
securityfocus	www.securityfocus.com/bid/37261
securityfocus	www.securityfocus.com/archive/1/508349/100/0/threaded
h20000	www.h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp

Parameter	Position	Path	Description	CWE
Oid	query param	/OvCgi/Main/Snmp.exe	HTTP CGI buffer overflow in Snmp.exe used to exploit HP OpenView NNM via crafted Oid parameter.	CWE-119
Host	query param	/OvCgi/Main/Snmp.exe	HTTP CGI buffer overflow in Snmp.exe used to exploit HP OpenView NNM via crafted Oid parameter.	CWE-119
Community	query param	/OvCgi/Main/Snmp.exe	HTTP CGI buffer overflow in Snmp.exe used to exploit HP OpenView NNM via crafted Oid parameter.	CWE-119
Action	query param	/OvCgi/Main/Snmp.exe	HTTP CGI buffer overflow in Snmp.exe used to exploit HP OpenView NNM via crafted Oid parameter.	CWE-119
Context	query param	/OvCgi/Main/Snmp.exe	HTTP CGI buffer overflow in Snmp.exe used to exploit HP OpenView NNM via crafted Oid parameter.	CWE-119

23 Apr 2026 00:35Current

7.5High risk

Vulners AI Score7.5

CVSS 210

EPSS0.83371

hp openview nnm buffer overflow cve-2009-3849 remote code execution