ZDI-12-002 : HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-002 : HP OpenView NNM ov.dll OVBuildPath Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-002 January 5, 2012 - -- CVE ID: CVE-2011-3167 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...

HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ov.dll. When processing a user supplied file name for the textFile optio...

HP OpenView Network Node Manager execvp_nc Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM01207 or NNM01206 without the SSRT100025 hotfix. By specifying a long 'sel' parameter when calling methods within the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow...

HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities

HP OpenView Network Node Manager is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Heap overflow

Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via 1 a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or 2 a long Accept-Language HTTP header,...