Vulnerability Description
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Openview Network Node Manager | 7.51 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=123247393715913&w=2
- http://secunia.com/advisories/28074Vendor Advisory
- http://secunia.com/secunia_research/2008-13/Vendor Advisory
- http://securityreason.com/securityalert/4885
- http://securityreason.com/securityalert/8307
- http://securitytracker.com/id?1021521
- http://www.securityfocus.com/archive/1/499826/100/0/threaded
- http://www.securityfocus.com/bid/33147
- http://marc.info/?l=bugtraq&m=123247393715913&w=2
- http://secunia.com/advisories/28074Vendor Advisory
- http://secunia.com/secunia_research/2008-13/Vendor Advisory
- http://securityreason.com/securityalert/4885
- http://securityreason.com/securityalert/8307
- http://securitytracker.com/id?1021521
- http://www.securityfocus.com/archive/1/499826/100/0/threaded
FAQ
What is CVE-2008-0067?
CVE-2008-0067 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5...
How severe is CVE-2008-0067?
CVE-2008-0067 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0067?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Openview Network Node Manager.