CVE - CVE-2010-2703

CVE-ID
CVE-2010-2703	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:41829 URL:http://www.securityfocus.com/bid/41829 BUGTRAQ:20100721 VUPEN Security Research - HP OpenView Network Node Manager "ov.dll" Buffer Overflow Vulnerability (CVE-2010-2704) URL:http://www.securityfocus.com/archive/1/512544/100/0/threaded BUGTRAQ:20100721 ZDI-10-137: Hewlett-Packard OpenView NNM webappmon.exe execvp_nc Remote Code Execution Vulnerability URL:http://www.securityfocus.com/archive/1/512552/100/0/threaded EXPLOIT-DB:14916 URL:http://www.exploit-db.com/exploits/14916 HP:HPSBMA02557 URL:http://marc.info/?l=bugtraq&m=127973001009749&w=2 HP:SSRT100025 URL:http://marc.info/?l=bugtraq&m=127973001009749&w=2 OSVDB:66514 URL:~~http://osvdb.org/66514~~ (Obsolete source) SECTRACK:1024224 URL:http://www.securitytracker.com/id?1024224 SECTRACK:1024238 URL:http://www.securitytracker.com/id?1024238 SECUNIA:40686 URL:http://secunia.com/advisories/40686 SREASON:8161 URL:http://securityreason.com/securityalert/8161 VIM:20100727 CVE number confusion in HP OV NNM products URL:http://www.attrition.org/pipermail/vim/2010-July/002374.html VUPEN:ADV-2010-1866 URL:~~http://www.vupen.com/english/advisories/2010/1866~~ (Obsolete source)
Assigning CNA
HP Inc.
Date Record Created
20100712	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100712)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)