Summary
HP OpenView Network Node Manager (NNM) is prone to multiple remote code-execution vulnerabilities because it fails to sanitize user- supplied data.
An attacker can exploit these issues to execute arbitrary code with the privileges of the user running the affected application.
Successful exploits will compromise the affected application and possibly the underlying computer.
These issues affects NNM 7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows
other versions and platforms may also be affected.
Solution
Updates are available
please contact the vendor for more information.
References
Severity
Classification
-
CVE CVE-2011-3166, CVE-2011-3167 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
- Assesi 'bg' Parameter SQL Injection vulnerability
- ATutor < 1.5.1-pl1 Multiple Flaws
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability