CVE-2009-4178

Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://dvlabs.tippingpoint.com/advisory/TPTI-09-11	Patch
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877	Patch Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=126046355120442&w=2
http://www.securityfocus.com/archive/1/508354/100/0/threaded
http://www.securityfocus.com/bid/37261
http://www.securityfocus.com/bid/37340
https://exchange.xforce.ibmcloud.com/vulnerabilities/54659
http://dvlabs.tippingpoint.com/advisory/TPTI-09-11	Patch
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877	Patch Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877	Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=126046355120442&w=2
http://www.securityfocus.com/archive/1/508354/100/0/threaded
http://www.securityfocus.com/bid/37261
http://www.securityfocus.com/bid/37340
https://exchange.xforce.ibmcloud.com/vulnerabilities/54659

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::hp_ux:::::
	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::linux:::::
	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::solaris:::::
	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::windows:::::
	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:::::*
	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:::::*

History

21 Nov 2024, 01:09

Type	Values Removed	Values Added
References	~~() http://dvlabs.tippingpoint.com/advisory/TPTI-09-11 - Patch~~	() http://dvlabs.tippingpoint.com/advisory/TPTI-09-11 - Patch
References	~~() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 - Patch, Vendor Advisory~~	() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 - Patch, Vendor Advisory
References	~~() http://marc.info/?l=bugtraq&m=126046355120442&w=2 -~~	() http://marc.info/?l=bugtraq&m=126046355120442&w=2 -
References	~~() http://www.securityfocus.com/archive/1/508354/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/508354/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/37261 -~~	() http://www.securityfocus.com/bid/37261 -
References	~~() http://www.securityfocus.com/bid/37340 -~~	() http://www.securityfocus.com/bid/37340 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/54659 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/54659 -

Information

Published : 2009-12-10 22:30

Updated : 2024-11-21 01:09

NVD link : CVE-2009-4178

Mitre link : CVE-2009-4178

CVE.ORG link : CVE-2009-4178

JSON object : View

Products Affected

openview_network_node_manager

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

10.0 /10