Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-0067

CWE-119 ā€” Buffer Overflow4 documents4 sources
Severity
10.0CRITICAL
EPSS
81.9%
top 0.80%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Openview Network Node Manager
Timeline
PublishedJan 8
Latest updateMay 1

Description

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

šŸ”“Vulnerability Details

2
GHSA
GHSA-5g96-4fvw-4f29: Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7ā†—2022-05-01
ā–¶
CVEList
CVE-2008-0067: Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7ā†—2009-01-08
ā–¶

šŸ’„Exploits & PoCs

1
Exploit-DB
HP OpenView Network Node Manager (OV NNM) - 'Toolbar.exe' CGI Buffer Overflow (Metasploit)ā†—2010-05-09
ā–¶
CVE-2008-0067 (CRITICAL CVSS 10) | Multiple stack-based buffer overflo | cvebase.io