CVE-2009-4176

2009-12-1022:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-4176

hp openview

network node manager

buffer overflow

remote code execution

nvd

vulnerability

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.789 High

EPSS

Percentile

98.2%

JSON

Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.

CPENameOperatorVersion
hp:openview_network_node_managerhp openview network node managereq7.53
hp:openview_network_node_managerhp openview network node managereq7.0.1
hp:openview_network_node_managerhp openview network node managereq7.51

CPE	Name	Operator	Version
hp:openview_network_node_manager	hp openview network node manager	eq	7.53
hp:openview_network_node_manager	hp openview network node manager	eq	7.0.1
hp:openview_network_node_manager	hp openview network node manager	eq	7.51