CVE-2008-0067

critical

Description

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.

References

http://www.securityfocus.com/bid/33147

http://www.securityfocus.com/archive/1/499826/100/0/threaded

http://securitytracker.com/id?1021521

http://securityreason.com/securityalert/8307

http://securityreason.com/securityalert/4885

http://secunia.com/secunia_research/2008-13/

http://secunia.com/advisories/28074

http://marc.info/?l=bugtraq&m=123247393715913&w=2

Details

Source: Mitre, NVD

Published: 2009-01-08

Updated: 2018-10-15

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical