CVE-2012-4959

Public exploit
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.
Max CVSS
10.0
EPSS Score
79.77%
Published
2012-11-18
Updated
2012-11-19

CVE-2012-4956

Public exploit
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
Max CVSS
10.0
EPSS Score
15.06%
Published
2012-11-18
Updated
2013-05-03
Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.
Max CVSS
9.3
EPSS Score
2.48%
Published
2012-09-28
Updated
2013-02-14
Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
31.21%
Published
2012-09-28
Updated
2013-02-14
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
Max CVSS
10.0
EPSS Score
2.48%
Published
2012-12-24
Updated
2013-01-08
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
Max CVSS
10.0
EPSS Score
11.39%
Published
2012-09-19
Updated
2013-04-02
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.
Max CVSS
10.0
EPSS Score
3.71%
Published
2012-02-21
Updated
2012-02-24
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
Max CVSS
9.3
EPSS Score
0.29%
Published
2012-02-21
Updated
2012-02-22
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.
Max CVSS
10.0
EPSS Score
0.94%
Published
2012-02-21
Updated
2012-02-22

CVE-2011-3176

Public exploit
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.
Max CVSS
10.0
EPSS Score
97.08%
Published
2012-04-09
Updated
2012-09-07

CVE-2011-3175

Public exploit
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
Max CVSS
10.0
EPSS Score
97.08%
Published
2012-04-09
Updated
2012-09-07
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!