cpe:/a:hp:network_node_manager:7.0.1 cpe:/a:hp:network_node_manager:7.5.1 cpe:/a:hp:network_node_manager:7.5.3 CVE-2009-0921 2009-03-24T21:30:00.530-04:00 2017-08-16T21:30:05.990-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-03-25T09:46:00.000-04:00 SECTRACK 1021883 BUGTRAQ 20090323 CORE-2009-0122: HP OpenView Buffer Overflows BID 34134 BID 34135 SECUNIA 34444 VUPEN ADV-2009-0819 HP HPSBMA02416 HP SSRT090008 XF hp-ovnnm-ovacceptlang-acceptlanguage-bo(49363) MISC http://www.coresecurity.com/content/openview-buffer-overflows Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.