CVE-2011-2220 – Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2220
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element. Desbordamiento de búfer basado en pila en NFREngine.exe en Novell File Reporter Engine anterior a v1.0.2.53, como se utiliza en Novell File Reporter y otros productos, permite a atacantes remotos ejecutar código arbitrario a través de un elemento RECORD manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Engine. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFREngine.exe which communicates with the Agent component over HTTPS on TCP port 3035. When parsing tags inside the <RECORD> element, the application lacks a size check before pushing strings to a memcpy. • http://download.novell.com/Download?buildid=leLxi7tQACs~ http://secunia.com/advisories/45065 http://securityreason.com/securityalert/8305 http://securitytracker.com/id?1025722 http://www.securityfocus.com/archive/1/518632/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-11-227 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0994 – Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0994
Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data. Desbordamiento de búfer de pila en NFRAgent.exe en Novell File Reporter (NFR) anterior a v1.0.2 permite a atacantes remotos ejecutar código arbitrario mediante datos XML no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The flaw exists within the NFRAgent.exe component which listens by default on TCP port 3037. When handling the contents of an XML tag the process blindly copies user supplied data into a fixed-length buffer on the stack. • http://download.novell.com/Download?buildid=rCAgCcbPH9s~ http://secunia.com/advisories/43975 http://securityreason.com/securityalert/8194 http://www.securityfocus.com/archive/1/517321/100/0/threaded http://www.securityfocus.com/bid/47144 http://www.securitytracker.com/id?1025292 http://www.vupen.com/english/advisories/2011/0866 http://www.zerodayinitiative.com/advisories/ZDI-11-116 https://exchange.xforce.ibmcloud.com/vulnerabilities/66548 https://oval.cisecurity.org/repository/search/definiti • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •