CVE Vulnerabilities

CVE-2011-0270

Use of Externally-Controlled Format String

Published: Jan 13, 2011 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name Vendor Start Version End Version
Openview_network_node_manager Hp 7.51 (including) 7.51 (including)
Openview_network_node_manager Hp 7.53 (including) 7.53 (including)

Potential Mitigations

References