Buffer Overflow Vulnerability in HP OpenView Network Node Manager
CVE-2011-0262

Currently unrated

Key Information:

Vendor: HP
Status: Openview Network Node Manager
Vendor: CVE Published:; 13 January 2011

Summary

A buffer overflow exists in the stringToSeconds function within ovutil.dll, which is part of the HP OpenView Network Node Manager. This vulnerability can be exploited by remote attackers who send specially crafted large values to jovgraph.exe, potentially leading to the execution of arbitrary code on the affected systems. Users of HP OpenView Network Node Manager versions 7.51 and 7.53 should apply the necessary patches to mitigate the risk associated with this vulnerability.

References

http://www.securityfocus.com/archive/1/515628

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2011/0085

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/515628

vendor-advisoryx_refsource_HP

EPSS Score

46% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 13, 2011
Vulnerability Reserved
Dec 23, 2010