Vulnerability CVE-2010-2709
Published: 2010-08-05   Modified: 2012-02-13

Description:
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.

See advisories in our WLB2 database:
Topic
Author
Date
High
HP OpenView NNM v.7.53 OvJavaLocale Buffer Overflow Vulnerability
Nahuel Riva
05.08.2010
High
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
metasploit
24.03.2011

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
HP -> Openview network node manager 

 References:
http://www.securityfocus.com/bid/42154
http://seclists.org/bugtraq/2010/Aug/21
http://seclists.org/bugtraq/2010/Aug/21
http://xforce.iss.net/xforce/xfdb/60880
http://www.exploit-db.com/exploits/14547
http://www.coresecurity.com/content/hp-nnm-ovjavalocale-buffer-overflow
http://securitytracker.com/id?1024274
http://securityreason.com/securityalert/8150
Copyright 2026, cxsecurity.com

 

Back to Top