Vulnerabilities > CVE-2013-1092 - Local Privilege Escalation vulnerability in Novell ZENworks Desktop Management 7/7.1

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

novell

NVD

Published: 2013-05-05

Updated: 2013-05-06

Summary

Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Zenworks Desktop Management 7 Novell Zenworks Desktop Management 7.1	2

References

http://download.novell.com/Download?buildid=hT-LlTRPOfw~
http://www.novell.com/support/kb/doc.php?id=7012147