Vulnerability Details : CVE-2009-4181
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2009-4181
Probability of exploitation activity in the next 30 days: 83.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-4181
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
[email protected] |
CWE ids for CVE-2009-4181
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: [email protected] (Primary)
References for CVE-2009-4181
-
http://dvlabs.tippingpoint.com/advisory/TPTI-09-14
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/54655
- http://marc.info/?l=bugtraq&m=126046355120442&w=2
- http://www.securityfocus.com/bid/37261
-
http://www.securityfocus.com/bid/37343
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877
Patch;Vendor Advisory
-
http://www.securityfocus.com/archive/1/508357/100/0/threaded
Products affected by CVE-2009-4181
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*