Vulnerability in Hp Openview_network_node_manager

CVE-2011-0270

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.

EPSS: 0.315 (96.9th percentile) — read the EPSS interpretation.

Affected products

Hp Openview_network_node_manager — versions 7.51, 7.53
N/a — versions n/a

Weakness classification (CWE)

CWE-134 — Use of Externally-Controlled Format String

References

HPSBMA02621 (x_refsource_HP, vendor-advisory)
ADV-2011-0085 (vdb-entry, x_refsource_VUPEN)
hp-security-alert@hp.com (x_refsource_MISC)
45762 (vdb-entry, x_refsource_BID)
1024951 (vdb-entry, x_refsource_SECTRACK)
70474 (x_refsource_OSVDB, vdb-entry)
hp-opennnm-nnmrptconfig-format-string(64646) (vdb-entry, x_refsource_XF)