Buffer overflow in Hp Openview_network_node_manager

CVE-2011-0262

Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via large values of variables to jovgraph.exe.

Vulnerability class: Buffer Overflow

EPSS: 0.322 (96.9th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_network_node_manager — versions 7.51, 7.53
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

HPSBMA02621 (x_refsource_HP, vendor-advisory)
ADV-2011-0085 (vdb-entry, x_refsource_VUPEN)
hp-opennnm-ovutildll-bo(64654) (vdb-entry, x_refsource_XF)
hp-security-alert@hp.com (x_refsource_MISC)
45762 (vdb-entry, x_refsource_BID)
1024951 (vdb-entry, x_refsource_SECTRACK)