Stack-Based Buffer Overflow in HP OpenView Network Node Manager
CVE-2011-0263

Currently unrated

Key Information:

Vendor: HP
Status: Openview Network Node Manager
Vendor: CVE Published:; 13 January 2011

Summary

Multiple stack-based buffer overflow vulnerabilities exist in the 'ovas.exe' component of the OVAS service within specific versions of HP OpenView Network Node Manager. These flaws can be exploited by remote attackers to execute arbitrary code through specially crafted Source Node or Destination Node variables. Taking advantage of this vulnerability could allow intruders to compromise system integrity, steal sensitive data, or disrupt operations.

References

http://www.securityfocus.com/archive/1/515628

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2011/0085

vdb-entryx_refsource_VUPEN

http://www.zerodayinitiative.com/advisories/ZDI-11-005/

x_refsource_MISC

EPSS Score

49% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 13, 2011
Vulnerability Reserved
Dec 23, 2010