CVE-2009-3848

2009-12-1022:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.806

Percentile

98.3%

JSON

Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.

Affected configurations

Nvd

Node

hpopenview_network_node_managerMatch7.0.1hp_ux

hpopenview_network_node_managerMatch7.0.1linux

hpopenview_network_node_managerMatch7.0.1solaris

hpopenview_network_node_managerMatch7.0.1windows

hpopenview_network_node_managerMatch7.51-hp-ux

hpopenview_network_node_managerMatch7.51-linux

hpopenview_network_node_managerMatch7.51-solaris

hpopenview_network_node_managerMatch7.51-windows

hpopenview_network_node_managerMatch7.53-hp-ux

hpopenview_network_node_managerMatch7.53-linux

hpopenview_network_node_managerMatch7.53-solaris

hpopenview_network_node_managerMatch7.53-windows

VendorProductVersionCPE
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
hpopenview_network_node_manager7.53cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
hpopenview_network_node_manager7.53cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*

Vendor	Product	Version	CPE
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::hp_ux:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::linux:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::solaris:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::windows:::::
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:::::*
hp	openview_network_node_manager	7.53	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:::::*
hp	openview_network_node_manager	7.53	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:::::*