Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
Threat-Mapped Scoring
Score: 1.8
Priority: P4 - Informational (Low)
S9 – Sabotage of System/App
EPSS
Score: 0.83371 Percentile:
0.9921
CVSS Scoring
CVSS v2 Score: 10.0
Severity:
Mapped CWE(s)
CWE-119
: Improper Restriction of Operations within the Bounds of a Memory Buffer
All CAPEC(s)
CAPEC-10: Buffer Overflow via Environment Variables