CVE Vulnerability

CVE-2007-6204

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.zerodayinitiative.com/advisories/ZDI-07-071.html
http://www.securityfocus.com/bid/26741 Exploit Patch
http://www.securitytracker.com/id?1019055
http://secunia.com/advisories/27964 Vendor Advisory
http://securityreason.com/securityalert/3441
http://www.vupen.com/english/advisories/2007/4111 Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01188923
https://exchange.xforce.ibmcloud.com/vulnerabilities/38892
https://www.exploit-db.com/exploits/4724
http://www.securityfocus.com/archive/1/484704/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:6.41:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:*:*:*:*:*:*
Information

Published : 2007-12-13 09:46

Updated : 2018-10-15 09:51

NVD link : CVE-2007-6204

Mitre link : CVE-2007-6204

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer