cbcvebase.
CVE-2009-0921
published 2009-03-25

CVE-2009-0921: Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute…

PriorityP350critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
13.24%
95.9th percentile
Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.

Affected

3 ranges
VendorProductVersion rangeFixed in
hpnetwork_node_manager
hpnetwork_node_manager
hpnetwork_node_manager
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.