CVE-2010-1964

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow

Title source: metasploit
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2010-1964. PoCs published by Metasploit, bitform, jduck, including Metasploit module exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.

AI-analyzed exploit summary This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program. It achieves arbitrary code execution by overwriting SEH structures, with support for both GET and POST requests.

Description

Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17041

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program. It achieves arbitrary code execution by overwriting SEH structures, with support for both GET and POST requests.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the target · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by bitform · textlocalwindows
https://www.exploit-db.com/exploits/14256

This exploit demonstrates a buffer overflow in HP NNM 7.53's ovwebsnmpsrv.exe via the -dump command-line argument, overwriting SEH to execute an alphanumeric bind shell. The PoC includes a crafted payload to carve EAX and trigger the shellcode.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.53
No auth needed
Prerequisites: HP NNM 7.53 installed on Windows XP SP2 · Local or remote access to execute the command
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb

This Metasploit module exploits a stack-based buffer overflow in HP OpenView Network Node Manager 7.53 via a long 'arg' parameter in the 'jovgraph.exe' CGI program, allowing arbitrary code execution by overwriting SEH structures.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: HP OpenView Network Node Manager 7.53 prior to NNM_01203
No auth needed
Prerequisites: Network access to the vulnerable CGI endpoint · Vulnerable version of HP OpenView Network Node Manager
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-108
Patch vendor-advisory x_refsource_hp
http://seclists.org/bugtraq/2010/Jun/152
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511854/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/65552
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8155
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40873

Scores

EPSS 0.6799
EPSS Percentile 99.2%

Details

Status published
Products (2)
hp/openview_network_node_manager 7.51 (5 CPE variants)
hp/openview_network_node_manager 7.53 (5 CPE variants)
Published Jun 17, 2010
Tracked Since Feb 18, 2026