Vulnerabilities > Novell
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-04-11 | CVE-2012-2223 | Information Exposure vulnerability in Novell Zenworks Configuration Management The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors. | 4.3 |
2012-04-09 | CVE-2012-2215 | Path Traversal vulnerability in Novell Zenworks Configuration Management 11.1/11.1A Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | 5.0 |
2012-04-09 | CVE-2011-4188 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Imanager Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. | 4.0 |
2012-04-09 | CVE-2011-3176 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Zenworks Configuration Management 11.1/11.1A Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request. | 10.0 |
2012-04-09 | CVE-2011-3175 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Zenworks Configuration Management 11.1/11.1A Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. | 10.0 |
2012-03-02 | CVE-2011-4189 | Code Injection vulnerability in Novell Groupwise 8.0/8.0.1/8.0.2 The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file. | 7.5 |
2012-02-21 | CVE-2011-4187 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. | 10.0 |
2012-02-21 | CVE-2011-4186 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. | 9.3 |
2012-02-21 | CVE-2011-4185 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. | 10.0 |
2012-02-02 | CVE-2011-4194 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Open Enterprise Server Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field. | 7.5 |