CVE-2008-0067
HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.
Múltiples desbordamientos de búfer basados en pila en HP OpenView Network Node Manager (OV NNM) v7.51 permite a atacantes remotos ejecutar código de su elección a través de (1) parámetros de cadenas largas del programa CGI OpenView5.exe; (2) un parámetro de cadena larga del programa CGI OpenView5.exe, relacionado con ov.dll; o un parámetro de cadena larga de los programas CGI (3) getcvdata.exe, (4) ovlaunch.exe, o (5) Toolbar.exe.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-01-03 CVE Reserved
- 2009-01-07 CVE Published
- 2010-05-09 First Exploit
- 2024-08-07 CVE Updated
- 2024-08-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/4885 | Third Party Advisory | |
http://securityreason.com/securityalert/8307 | Third Party Advisory | |
http://securitytracker.com/id?1021521 | Vdb Entry | |
http://www.securityfocus.com/archive/1/499826/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/33147 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/16795 | 2010-05-09 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://marc.info/?l=bugtraq&m=123247393715913&w=2 | 2018-10-15 | |
http://secunia.com/advisories/28074 | 2018-10-15 | |
http://secunia.com/secunia_research/2008-13 | 2018-10-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | - |
Affected
|