Unrated severityNVD Advisory· Published Dec 10, 2009· Updated Apr 23, 2026
CVE-2009-3849
CVE-2009-3849
Description
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
Affected products
12cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*+ 11 more
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdPatchVendor Advisory
- marc.infonvd
- www.securityfocus.com/archive/1/508348/100/0/threadednvd
- www.securityfocus.com/archive/1/508349/100/0/threadednvd
- www.securityfocus.com/bid/37261nvd
- www.securityfocus.com/bid/37298nvd
- www.securityfocus.com/bid/37299nvd
- zerodayinitiative.com/advisories/ZDI-09-095/nvd
- zerodayinitiative.com/advisories/ZDI-09-097/nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54652nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54654nvd
News mentions
0No linked articles in our index yet.