CVE-2010-1961

Name of the Vulnerable Software and Affected Versions HP OpenView Network Node Manager versions 7.51 through 7.53

Description The issue is related to a buffer overflow in the ovutil.dll component of HP OpenView Network Node Manager, specifically in the ovwebsnmpsrv.exe process. This occurs when unspecified variables are passed to jovgraph.exe and not properly handled in a call to the sprintf function, allowing remote attackers to execute arbitrary code.

Recommendations For HP OpenView Network Node Manager versions 7.51 and 7.53, consider restricting access to the ovwebsnmpsrv.exe process and the jovgraph.exe application until a patch is available. As a temporary workaround, avoid using the affected variables in the call to the sprintf function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.