CVE Vulnerability

CVE-2008-0067

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.securityfocus.com/bid/33147
http://secunia.com/secunia_research/2008-13/ Vendor Advisory
http://securitytracker.com/id?1021521
http://secunia.com/advisories/28074 Vendor Advisory
http://securityreason.com/securityalert/4885
http://marc.info/?l=bugtraq&m=123247393715913&w=2
http://securityreason.com/securityalert/8307
http://www.securityfocus.com/archive/1/499826/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
Information

Published : 2009-01-08 07:30

Updated : 2018-10-15 09:57

NVD link : CVE-2008-0067

Mitre link : CVE-2008-0067

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer