Vulnerability Name: | CVE-2011-0270 (CCN-64646) | ||||||||
Assigned: | 2010-12-23 | ||||||||
Published: | 2011-01-10 | ||||||||
Updated: | 2017-08-17 | ||||||||
Summary: | Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name. | ||||||||
CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-134 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2011-0270 Source: CCN Type: HP Security Bulletin HPSBMA02621 SSRT100352 rev.2 HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code Source: OSVDB Type: UNKNOWN 70474 Source: CCN Type: SECTRACK ID: 1024951 HP OpenView Network Node Manager Multiple Bugs Let Remote Users Execute Arbitrary Code Source: CCN Type: OSVDB ID: 70474 HP OpenView Network Node Manager (OV NNM) nnmRptConfig.exe Invalid Template Name Remote Format String Source: HP Type: UNKNOWN HPSBMA02621 Source: BID Type: UNKNOWN 45762 Source: CCN Type: BID-45762 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities Source: SECTRACK Type: UNKNOWN 1024951 Source: VUPEN Type: UNKNOWN ADV-2011-0085 Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-11-012/ Source: XF Type: UNKNOWN hp-opennnm-nnmrptconfig-format-string(64646) Source: XF Type: UNKNOWN hp-opennnm-nnmrptconfig-format-string(64646) Source: CCN Type: ZDI-11-012 Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe Remote Code Execution Vulnerability | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |