CVE-2011-0994 – Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-0994

Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data. Desbordamiento de búfer de pila en NFRAgent.exe en Novell File Reporter (NFR) anterior a v1.0.2 permite a atacantes remotos ejecutar código arbitrario mediante datos XML no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The flaw exists within the NFRAgent.exe component which listens by default on TCP port 3037. When handling the contents of an XML tag the process blindly copies user supplied data into a fixed-length buffer on the stack. • http://download.novell.com/Download?buildid=rCAgCcbPH9s~ http://secunia.com/advisories/43975 http://securityreason.com/securityalert/8194 http://www.securityfocus.com/archive/1/517321/100/0/threaded http://www.securityfocus.com/bid/47144 http://www.securitytracker.com/id?1025292 http://www.vupen.com/english/advisories/2011/0866 http://www.zerodayinitiative.com/advisories/ZDI-11-116 https://exchange.xforce.ibmcloud.com/vulnerabilities/66548 https://oval.cisecurity.org/repository/search/definiti • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •