Published: 10/06/2010 Updated: 10/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote malicious users to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp openview network node manager 7.53
hp openview network node manager 7.51

## # $Id: hp_nnm_ovwebsnmpsrv_ovutilrb 12096 2011-03-23 15:44:55Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/c ...

This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 753 prior to NNM_01203 By specifying a long 'arg' parameter when executing the 'jovgraphexe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code This vulnerability is triggerable via either a GET or POST request T ...

CWE-119 http://www.securityfocus.com/bid/40638 http://www.zerodayinitiative.com/advisories/ZDI-10-106/http://marc.info/?l=bugtraq&m=127602909915281&w=2 http://www.securitytracker.com/id?1024071 http://secunia.com/advisories/40101 https://exchange.xforce.ibmcloud.com/vulnerabilities/59250 http://www.securityfocus.com/archive/1/511731/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/17044/

CVE-2010-1961

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect