CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Novell : Security Vulnerabilities Published In 2010 (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-4321 119 1 Exec Code Overflow 2010-12-30 2011-09-21
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
2 CVE-2010-4299 119 Exec Code Overflow 2010-11-22 2011-02-02
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400.
3 CVE-2010-4254 20 1 Exec Code Bypass 2010-12-06 2011-02-02
7.5
None Remote Low Not required Partial Partial Partial
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.
4 CVE-2010-3109 119 Exec Code Overflow 2010-08-23 2011-07-18
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter.
5 CVE-2010-3108 119 Exec Code Overflow 2010-08-23 2011-07-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names.
6 CVE-2010-3106 20 DoS Exec Code Mem. Corr. 2010-08-23 2011-07-18
9.3
None Remote Medium Not required Complete Complete Complete
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.
7 CVE-2010-3105 119 Exec Code Overflow 2010-08-23 2011-07-18
9.3
None Remote Medium Not required Complete Complete Complete
The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
8 CVE-2010-3087 119 DoS Exec Code Overflow Mem. Corr. 2010-09-28 2013-05-14
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.
9 CVE-2010-2351 119 1 Exec Code Overflow 2010-06-21 2011-02-28
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
10 CVE-2010-1929 119 1 Exec Code Overflow 2010-06-28 2010-06-28
9.0
None Remote Low Single system Complete Complete Complete
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.
11 CVE-2010-1527 119 Exec Code Overflow 2010-08-23 2011-07-18
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
12 CVE-2010-0625 119 DoS Exec Code Overflow 2010-04-05 2010-04-17
6.5
None Remote Low Single system Partial Partial Partial
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
13 CVE-2010-0284 22 Exec Code Dir. Trav. 2010-06-18 2010-06-24
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.
14 CVE-2009-4654 119 Exec Code Overflow 2010-02-26 2010-03-01
9.0
None Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.
15 CVE-2009-4653 119 DoS Exec Code Overflow 2010-02-26 2010-03-02
9.0
None Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
16 CVE-2009-4486 119 Exec Code Overflow 2010-01-08 2013-08-01
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema.
Total number of vulnerabilities : 16   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.