Buffer Overflow in HP OpenView Network Node Manager's Error Handling Functionality
CVE-2010-1960

Currently unrated

Key Information:

Vendor: HP
Status: Openview Network Node Manager
Vendor: CVE Published:; 10 June 2010

Summary

A buffer overflow vulnerability exists in the error handling functionality of ovwebsnmpsrv.exe within HP OpenView Network Node Manager versions 7.51 and 7.53. This flaw permits remote attackers to execute arbitrary code by supplying a maliciously crafted option to jovgraph.exe. By exploiting this vulnerability, adversaries can gain unauthorized access and potentially take control of the system, highlighting significant security concerns for users relying on this network management software.

References

http://www.securityfocus.com/archive/1/511734/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.zerodayinitiative.com/advisories/ZDI-10-105/

x_refsource_MISC

http://marc.info/?l=bugtraq&m=127602909915281&w=2

vendor-advisoryx_refsource_HP

EPSS Score

73% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 10, 2010
Vulnerability Reserved
May 19, 2010