Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1964

6 documents5 sources

Severity

7.5HIGH

EPSS

79.5%

top 0.92%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Openview Network Node Manager

Timeline

PublishedJun 17

Latest updateMay 14

Description

Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDhp/openview_network_node_manager7.51, 7.53+1

Patches

Patch: seclists.org ↗Patch: seclists.org ↗

🔴Vulnerability Details

GHSA

GHSA-4q4q-gj6j-5g8p: Buffer overflow in ovwebsnmpsrv↗2022-05-14

▶

CVEList

CVE-2010-1964: Buffer overflow in ovwebsnmpsrv↗2010-06-17

▶

💥Exploits & PoCs

Exploit-DB

HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe main' Remote Buffer Overflow (Metasploit)↗2011-03-23

▶

Exploit-DB

HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Local Buffer Overflow (SEH)↗2010-07-07

▶

Metasploit

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow↗

▶