CVSS: 9.3EPSS: 88%CPEs: 2EXPL: 0CVE-2010-4299
https://notcve.org/view.php?id=CVE-2010-4299
Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400. Un desbordamiento de búfer basado en montículo en ZfHIPCND.exe en Novell ZENworks 7 Handheld Management (ZHM) permite a atacantes remotos ejecutar código de su elección a través de una petición debidamente modificada al puerto TCP 2400. • http://marc.info/?l=full-disclosure&m=128916914213292&w=2 http://secunia.com/advisories/42130 http://www.novell.com/support/viewContent.do?externalId=7007135 http://www.securitytracker.com/id?1024691 http://www.zerodayinitiative.com/advisories/ZDI-10-230 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 13%CPEs: 1EXPL: 0CVE-2007-1119
https://notcve.org/view.php?id=CVE-2007-1119
Unspecified vulnerability in Novell ZENworks 7 Desktop Management Support Pack 1 before Hot patch 3 (ZDM7SP1HP3) allows remote attackers to upload images to certain folders that were not configured in the "Only allow uploads to the following directories" setting via unspecified vectors. Vulnerabilidad no especificada en Novell ZENworks 7 Desktop Management Support Pack 1 anterios a Hot patch 3 (ZDM7SP1HP3) permite a atacantes remotos subir imágenes a ciertas carpetas que no estaban configuradas en la configuración "solo permitir subir a los siguientes directorios" a través de vectores no especificados. • http://osvdb.org/33533 http://secunia.com/advisories/24274 http://www.securityfocus.com/bid/22686 http://www.vupen.com/english/advisories/2007/0712 https://secure-support.novell.com/KanisaPlatform/Publishing/408/3563780_f.SAL_Public.html https://secure-support.novell.com/KanisaPlatform/Publishing/650/3484245_f.SAL_Public.html •
CVSS: 10.0EPSS: 12%CPEs: 1EXPL: 0CVE-2006-6299
https://notcve.org/view.php?id=CVE-2006-6299
Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow. Desbordamiento de entero en Msg.dll en Novell ZENworks 7 Asset Management (ZAM) anterior al SP1 IR11 y el cliente Collection permiten a atacantes remotos ejecutar código de su elección mediante paquetes artesanales, que provocan un desbordamiento de búfer basado en pila. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=447 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=448 http://secunia.com/advisories/23157 http://securitytracker.com/id?1017326 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm http://www.securityfocus.com/bid/21395 http://www.securityfocus.com/bid/21400 http://www.vupen.com/english/advisories/2006/4829 https://exchange.xforce.ibmcloud.com/vulnerabilities/30665 •