Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6204Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Openview Network Node Manager

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources
Severity
10.0CRITICALNVD
EPSS
83.0%
top 0.74%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Openview Network Node Manager
Timeline
PublishedDec 13
Latest updateMay 1

Description

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDhp/openview_network_node_manager6.41, 7.0.1, 7.51+2

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-23rg-hpwq-h786: Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 62022-05-01
CVEList
CVE-2007-6204: Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 62007-12-13

💥Exploits & PoCs

2
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'OpenView5.exe' CGI Buffer Overflow (Metasploit)2010-05-09
Exploit-DB
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow2007-12-12
CVE-2007-6204 — HP vulnerability | cvebase