CVE-2009-3846
HP OpenView Network Node Manager 7.01, 7.51, 7.53 - Remote Code Execution via Long Userid or Passwd Parameter
Title source: llmDescription
Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter.
References (7)
Core 7
Core References
Vendor Advisory x_refsource_misc
http://dvlabs.tippingpoint.com/advisory/TPTI-09-08
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54658
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508350/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37261
Mailing List vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=126046355120442&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37295
Patch, Vendor Advisory vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877
Scores
EPSS
0.2563
EPSS Percentile
96.3%
Details
CWE
CWE-119
Status
published
Products (3)
hp/openview_network_node_manager
7.0.1 (4 CPE variants)
hp/openview_network_node_manager
7.51 (4 CPE variants)
hp/openview_network_node_manager
7.53 (4 CPE variants)
Published
Dec 10, 2009
Tracked Since
Feb 18, 2026