Vulnerabilities > Novell > Imanager > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-04-09 | CVE-2011-4188 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Imanager Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. | 4.0 |
| 2010-01-08 | CVE-2009-4486 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Imanager Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | 7.5 |
| 2008-08-06 | CVE-2008-3488 | Permissions, Privileges, and Access Controls vulnerability in Novell Imanager Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors. | 7.5 |
| 2006-11-01 | CVE-2006-4517 | Resource Management Errors vulnerability in Novell Imanager Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. | 7.8 |
| 2005-12-31 | CVE-2005-1730 | Unspecified vulnerability in Novell Imanager 1.5/2.0/2.0.2 Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. | 9.3 |
| 2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | 5.0 |
| 2004-11-23 | CVE-2004-0079 | NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | 7.5 |