CVE-2012-4959

Public exploit
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Max CVSS
10.0
EPSS Score
79.77%
Published
2012-11-18
Updated
2012-11-19

CVE-2012-4958

Public exploit
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Max CVSS
7.8
EPSS Score
95.27%
Published
2012-11-18
Updated
2012-11-19

CVE-2012-4957

Public exploit
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.
Max CVSS
7.8
EPSS Score
95.81%
Published
2012-11-18
Updated
2012-11-19

CVE-2012-4956

Public exploit
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
Max CVSS
10.0
EPSS Score
15.06%
Published
2012-11-18
Updated
2013-05-03

CVE-2012-4933

Public exploit
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function.
Max CVSS
7.8
EPSS Score
97.12%
Published
2012-10-20
Updated
2017-08-29

CVE-2012-2215

Public exploit
Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.
Max CVSS
5.0
EPSS Score
0.78%
Published
2012-04-09
Updated
2017-08-29

CVE-2012-0419

Public exploit
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.
Max CVSS
5.0
EPSS Score
96.49%
Published
2012-09-28
Updated
2013-04-05
Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.
Max CVSS
9.3
EPSS Score
2.48%
Published
2012-09-28
Updated
2013-02-14
Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
31.21%
Published
2012-09-28
Updated
2013-02-14
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
Max CVSS
10.0
EPSS Score
2.48%
Published
2012-12-24
Updated
2013-01-08
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
Max CVSS
5.0
EPSS Score
80.37%
Published
2012-07-05
Updated
2013-04-02
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
Max CVSS
10.0
EPSS Score
11.39%
Published
2012-09-19
Updated
2013-04-02
The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.
Max CVSS
6.4
EPSS Score
2.27%
Published
2012-06-21
Updated
2023-02-13
The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.
Max CVSS
7.8
EPSS Score
1.44%
Published
2012-06-21
Updated
2023-02-13
Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.
Max CVSS
7.5
EPSS Score
5.20%
Published
2012-02-02
Updated
2020-02-24
The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file.
Max CVSS
7.5
EPSS Score
20.07%
Published
2012-03-02
Updated
2018-01-11
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.
Max CVSS
10.0
EPSS Score
3.71%
Published
2012-02-21
Updated
2012-02-24
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
Max CVSS
9.3
EPSS Score
0.29%
Published
2012-02-21
Updated
2012-02-22
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.
Max CVSS
10.0
EPSS Score
0.94%
Published
2012-02-21
Updated
2012-02-22

CVE-2011-3176

Public exploit
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.
Max CVSS
10.0
EPSS Score
97.08%
Published
2012-04-09
Updated
2012-09-07

CVE-2011-3175

Public exploit
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
Max CVSS
10.0
EPSS Score
97.08%
Published
2012-04-09
Updated
2012-09-07
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.
Max CVSS
6.8
EPSS Score
27.59%
Published
2012-07-26
Updated
2012-07-27
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.
Max CVSS
6.8
EPSS Score
3.46%
Published
2012-07-26
Updated
2012-07-27

CVE-2011-2657

Public exploit
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
Max CVSS
6.8
EPSS Score
96.19%
Published
2012-07-26
Updated
2012-07-27
24 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!