CVE-2009-4181

critical

Description

Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/54655

http://www.securityfocus.com/bid/37343

http://www.securityfocus.com/bid/37261

http://www.securityfocus.com/archive/1/508357/100/0/threaded

http://marc.info/?l=bugtraq&m=126046355120442&w=2

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877

http://dvlabs.tippingpoint.com/advisory/TPTI-09-14

Details

Source: Mitre, NVD

Published: 2009-12-10

Updated: 2018-10-10

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H