Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-0267

CWE-119 — Buffer Overflow4 documents4 sources

Severity

10.0CRITICAL

EPSS

79.0%

top 0.94%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

HP Openview Network Node Manager

Timeline

PublishedJan 13

Latest updateMay 17

Description

Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/openview_network_node_manager7.51, 7.53+1

🔴Vulnerability Details

GHSA

GHSA-2w6p-6qgj-jpgr: Multiple buffer overflows in nnmRptConfig↗2022-05-17

▶

CVEList

CVE-2011-0267: Multiple buffer overflows in nnmRptConfig↗2011-01-13

▶

💥Exploits & PoCs

Exploit-DB

HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe schdParams' Remote Buffer Overflow (Metasploit)↗2011-03-24

▶