cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.
Max CVSS
10.0
EPSS Score
81.76%
Published
2009-12-10
Updated
2018-10-10
Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.
Max CVSS
10.0
EPSS Score
54.59%
Published
2009-12-10
Updated
2018-10-10

CVE-2009-4179

Public exploit
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
Max CVSS
10.0
EPSS Score
95.16%
Published
2009-12-10
Updated
2018-10-10

CVE-2009-4178

Public exploit
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
Max CVSS
10.0
EPSS Score
96.49%
Published
2009-12-10
Updated
2018-10-10
Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.
Max CVSS
10.0
EPSS Score
82.96%
Published
2009-12-10
Updated
2018-10-10
Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.
Max CVSS
10.0
EPSS Score
78.94%
Published
2009-12-10
Updated
2018-10-10
Multiple buffer overflows in a certain ActiveX control in ActiveDom.ocx in HP OpenView Network Node Manager (OV NNM) 7.53 might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via a long string argument to the (1) DisplayName, (2) AddGroup, (3) InstallComponent, or (4) Subscribe method. NOTE: this issue is not a vulnerability in many environments, because the control is not marked as safe for scripting and would not execute with default Internet Explorer settings.
Max CVSS
5.0
EPSS Score
0.59%
Published
2009-11-19
Updated
2017-08-17

CVE-2009-3849

Public exploit
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
Max CVSS
10.0
EPSS Score
96.67%
Published
2009-12-10
Updated
2018-10-10
Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.
Max CVSS
10.0
EPSS Score
83.96%
Published
2009-12-10
Updated
2018-10-10
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
13.77%
Published
2009-12-10
Updated
2017-08-17
Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter.
Max CVSS
10.0
EPSS Score
78.94%
Published
2009-12-10
Updated
2018-10-10
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.
Max CVSS
10.0
EPSS Score
2.92%
Published
2009-12-10
Updated
2018-10-10
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.
Max CVSS
5.0
EPSS Score
27.00%
Published
2009-11-19
Updated
2009-11-24
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420.
Max CVSS
7.5
EPSS Score
0.51%
Published
2009-07-02
Updated
2009-07-02
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when used with SNMP (aka HPOvNNM.HPOVSNMP) before 1.30.009 and MIB (aka HPOvNNM.HPOVMIB) before 1.30.009, allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
Max CVSS
10.0
EPSS Score
75.00%
Published
2009-06-11
Updated
2009-07-11
Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request.
Max CVSS
10.0
EPSS Score
12.09%
Published
2009-12-10
Updated
2009-12-19
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
15.10%
Published
2009-05-05
Updated
2009-05-13
Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205.
Max CVSS
10.0
EPSS Score
1.45%
Published
2009-02-08
Updated
2019-10-09
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.
Max CVSS
7.8
EPSS Score
0.30%
Published
2009-02-08
Updated
2019-10-09
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205.
Max CVSS
10.0
EPSS Score
1.45%
Published
2009-02-08
Updated
2019-10-09
Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
73.77%
Published
2009-04-28
Updated
2018-10-11
21 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!