Unrated severityNVD Advisory· Published Dec 10, 2009· Updated Jun 16, 2026
CVE-2009-3849
CVE-2009-3849
Description
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*+ 12 more
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
- cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
- (no CPE)range: 7.01, 7.51, 7.53
Patches
Vulnerability mechanics
References
11- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdPatchVendor Advisory
- marc.infonvd
- www.securityfocus.com/archive/1/508348/100/0/threadednvd
- www.securityfocus.com/archive/1/508349/100/0/threadednvd
- www.securityfocus.com/bid/37261nvd
- www.securityfocus.com/bid/37298nvd
- www.securityfocus.com/bid/37299nvd
- zerodayinitiative.com/advisories/ZDI-09-095/nvd
- zerodayinitiative.com/advisories/ZDI-09-097/nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54652nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/54654nvd
News mentions
0No linked articles in our index yet.