What is CVE-2010-1555?

CVE-2010-1555 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-05-13.

Is CVE-2010-1555 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Hp Openview_network_node_manager

CVE-2010-1555

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.

Vulnerability class: Buffer Overflow

EPSS: 0.798 (99.1th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_network_node_manager — versions 7.0.1, 7.53, 7.51
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

SSRT010098 (x_refsource_HP, vendor-advisory)
20100511 ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
40072 (vdb-entry, x_refsource_BID)
hp-security-alert@hp.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2010-1555?: CVE-2010-1555 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-05-13.
Is CVE-2010-1555 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.