Novell : Security Vulnerabilities, CVEs, Published In 2011 (Denial of service) CVSS score >= 5
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
Max CVSS
7.5
EPSS Score
41.43%
Published
2011-11-30
Updated
2011-11-30
Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218.
Max CVSS
5.0
EPSS Score
0.24%
Published
2011-10-08
Updated
2012-05-14
Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219.
Max CVSS
5.0
EPSS Score
0.24%
Published
2011-10-08
Updated
2012-05-14
Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables.
Max CVSS
7.5
EPSS Score
0.61%
Published
2011-12-31
Updated
2012-01-02
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance.
Max CVSS
5.8
EPSS Score
2.26%
Published
2011-04-13
Updated
2017-08-17
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance.
Max CVSS
6.8
EPSS Score
2.89%
Published
2011-04-13
Updated
2017-08-17
Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.
Max CVSS
5.8
EPSS Score
8.00%
Published
2011-04-13
Updated
2017-08-17
The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct.
Max CVSS
5.8
EPSS Score
3.98%
Published
2011-04-13
Updated
2017-08-17
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
Max CVSS
5.0
EPSS Score
12.35%
Published
2011-02-10
Updated
2018-10-10
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.
Max CVSS
9.0
EPSS Score
92.13%
Published
2011-03-22
Updated
2017-08-17
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
Max CVSS
10.0
EPSS Score
94.03%
Published
2011-02-25
Updated
2018-10-10
11 vulnerabilities found