CVSS: 9.0EPSS: 93%CPEs: 3EXPL: 0CVE-2011-3174 – Novell ZENWorks Software Packaging ISGrid.Grid2.1 DoFindReplace bstrReplaceText Parameter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3174
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter. Un desbordamiento de búfer en la función DoFindReplace en el control ActiveX ISGrid.Grid2.1 en InstallShield/ISGrid2.dll en AdminStudio en Novell ZENworks Configuration Management (ZCM) v10.2, v10.3, 11 y SP1 permite a atacantes remotos ejecutar código de su elección a través de un parámetro bstrReplaceText excesivamente largo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within \Program Files\Common Files\InstallShield\ISGrid2.dll. If the bstrReplaceText parameter exceeds its statically-allocated length then a buffer overflow will occur. • http://www.novell.com/support/kb/doc.php?id=7009570 http://www.zerodayinitiative.com/advisories/ZDI-11-319 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 12%CPEs: 3EXPL: 0CVE-2011-2658 – Novell ZENWorks Software Packaging Antique ActiveX Control Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws. El control ActiveX ISList.ISAvi en AdminStudio en Novell ZENworks Configuration Management (ZCM) v10.2, v10.3, 11 y SP1 permite el acceso al expediente Mscomct2.ocx, lo que permite a atacantes remotos ejecutar código de su elección aprovechándose de fallos no especificados de mscomct2. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the inclusion and usage of an antique ActiveX control (mscomct2.ocx: Tue Mar 14 18:39:28 2000). Though mscomct2.ocx has been killbitted, it is accessed by ZENWorks via an intermediate control (ISList.ISAvi) which is scriptable. • http://www.novell.com/support/kb/doc.php?id=7009570 http://www.zerodayinitiative.com/advisories/ZDI-11-317 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 89%CPEs: 1EXPL: 0CVE-2011-3173 – Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3173
Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field. Desbordamiento de búfer basado en la pila en la función GetDriverSettings en nipplib.dll en el cliente iPrint en Novell Open Enterprise Server 2 (también conocido como OES2) SP3 permite a atacantes remotos ejecutar código de su elección a través de (1) 'hostname' largo o (2) 'port field'. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll component. When handling the exposed method GetDriverSettings the application assembles a string for logging consisting of the hostname/port provided as a parameter. • http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117030.html http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5117031.html http://www.novell.com/support/viewContent.do?externalId=7009676 http://www.zerodayinitiative.com/advisories/ZDI-11-309 https://bugzilla.novell.com/show_bug.cgi?id=707730 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 3EXPL: 0CVE-2011-2656
https://notcve.org/view.php?id=CVE-2011-2656
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655. Vulnerabilidad no especificada en ZfHSrvr.exe en Novell ZENworks Handheld Management (ZHM) v7 que permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2655. • http://download.novell.com/Download?buildid=Fz0LYfG9qCU~ http://www.novell.com/support/viewContent.do?externalId=7009489 http://www.securityfocus.com/bid/50303 https://exchange.xforce.ibmcloud.com/vulnerabilities/70831 •
CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0CVE-2011-2655
https://notcve.org/view.php?id=CVE-2011-2655
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2656. Vulnerabilidad no especificada en ZfHSrvr.exe en Novell ZENworks Handheld Management (ZHM) v7 que permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2011-2656. • http://download.novell.com/Download?buildid=Fz0LYfG9qCU~ http://www.novell.com/support/viewContent.do?externalId=7009489 http://www.securityfocus.com/bid/50303 https://exchange.xforce.ibmcloud.com/vulnerabilities/70831 •