HP OpenView Network Node Manager 'Accept-Language' HTTP Header Heap Buffer Overflow Vulnerability

HP OpenView Network Node Manager is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers.

Successfully exploiting this issue may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.

HP OpenView Network Node Manager 7.51, 7.53, and 7.53 with patch NNM_01195 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus