CVE-2011-0270

HIGH

Description

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.

References

http://osvdb.org/70474

http://www.securityfocus.com/archive/1/515628

http://www.securityfocus.com/bid/45762

http://www.securitytracker.com/id?1024951

http://www.vupen.com/english/advisories/2011/0085

http://www.zerodayinitiative.com/advisories/ZDI-11-012/

https://exchange.xforce.ibmcloud.com/vulnerabilities/64646

Details

Source: MITRE

Published: 2011-01-13

Updated: 2017-08-17

Type: CWE-134

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH