Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
Loading...
Loading...
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
December 10, 2009
April 23, 2026
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Working exploit code is in the public domain (1 Metasploit module) (2 Exploit-DB entries). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
HP OpenView Network Node Manager (OV NNM) - 'ovalarm.exe' CGI Buffer Overflow (Metasploit)
Open source ↗HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Remote Buffer Overflow
Open source ↗HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
Open source ↗Explore the affected products and dependency analysis for CVE-2009-4179
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.
CWE-119