exploitDog

CVE-2009-0921

Опубликовано: 25 мар. 2009

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:network_node_manager:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:network_node_manager:7.5.1:*:*:*:*:*:*:*

cpe:2.3:a:hp:network_node_manager:7.5.3:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.35964

Средний

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-6c5j-6f9w-rg72

github

почти 4 года назад

Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.

EPSS

Процентиль: 97%

0.35964

Средний

10 Critical

CVSS2

Дефекты

CWE-119