What is CVE-2010-1552?

CVE-2010-1552 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-05-13.

Is CVE-2010-1552 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Hp Openview_network_node_manager

CVE-2010-1552

Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.

Vulnerability class: Buffer Overflow

EPSS: 0.799 (99.1th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_network_node_manager — versions 7.0.1, 7.53, 7.51
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

SSRT010098 (x_refsource_HP, vendor-advisory)
8157 (x_refsource_SREASON, third-party-advisory)
20100511 ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
hp-security-alert@hp.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2010-1552?: CVE-2010-1552 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-05-13.
Is CVE-2010-1552 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.