Vulnerability Description
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Openview Network Node Manager | 7.51 |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=127973001009749&w=2PatchVendor Advisory
- http://osvdb.org/66514
- http://secunia.com/advisories/40686Vendor Advisory
- http://securityreason.com/securityalert/8161
- http://www.attrition.org/pipermail/vim/2010-July/002374.html
- http://www.exploit-db.com/exploits/14916
- http://www.securityfocus.com/archive/1/512544/100/0/threaded
- http://www.securityfocus.com/archive/1/512552/100/0/threaded
- http://www.securityfocus.com/bid/41829
- http://www.securitytracker.com/id?1024224
- http://www.securitytracker.com/id?1024238
- http://www.vupen.com/english/advisories/2010/1866Vendor Advisory
- http://marc.info/?l=bugtraq&m=127973001009749&w=2PatchVendor Advisory
- http://osvdb.org/66514
- http://secunia.com/advisories/40686Vendor Advisory
FAQ
What is CVE-2010-2703?
CVE-2010-2703 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbit...
How severe is CVE-2010-2703?
CVE-2010-2703 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2703?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Openview Network Node Manager, Microsoft Windows.