What is CVE-2011-0266?

CVE-2011-0266 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-01-13.

Is CVE-2011-0266 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Hp Openview_network_node_manager

CVE-2011-0266

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.

Vulnerability class: Buffer Overflow

EPSS: 0.775 (99.0th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_network_node_manager — versions 7.51, 7.53
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

HPSBMA02621 (x_refsource_HP, vendor-advisory)
ADV-2011-0085 (vdb-entry, x_refsource_VUPEN)
hp-security-alert@hp.com (x_refsource_MISC)
8151 (x_refsource_SREASON, third-party-advisory)
45762 (vdb-entry, x_refsource_BID)
1024951 (vdb-entry, x_refsource_SECTRACK)
hp-opennnm-nameparams-bo(64650) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2011-0266?: CVE-2011-0266 is a vulnerability in Hp Openview_network_node_manager, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-01-13.
Is CVE-2011-0266 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.