Buffer Overflow in HP OpenView NNM Allows Remote Code Execution
CVE-2010-1964

Currently unrated

Key Information:

Vendor: HP
Status: Openview Network Node Manager
Vendor: CVE Published:; 17 June 2010

Summary

A buffer overflow vulnerability exists in the ovwebsnmpsrv.exe component of HP OpenView Network Node Manager versions 7.51 and 7.53. This flaw allows remote attackers to execute arbitrary code by sending specially crafted parameters to jovgraph.exe. Exploiting this vulnerability could lead to unauthorized access and control over affected systems, posing significant risks to network management and security.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-108

x_refsource_MISC

http://seclists.org/bugtraq/2010/Jun/152

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/511854/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

82% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 17, 2010
Vulnerability Reserved
May 19, 2010