Vulnerabilities > Novell
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-06-09 | CVE-2011-1703 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. | 9.3 |
2011-06-09 | CVE-2011-1702 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. | 9.3 |
2011-06-09 | CVE-2011-1701 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. | 9.3 |
2011-06-09 | CVE-2011-1700 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. | 9.3 |
2011-06-09 | CVE-2011-1699 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. | 9.3 |
2011-06-09 | CVE-2011-1711 | Unauthorized Access vulnerability in Novell Data Synchronizer User Account Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, and 1.1.x through 1.1.1 build 428, allows remote authenticated users to access the accounts of other users via unknown vectors. | 5.5 |
2011-05-13 | CVE-2011-0995 | Permissions, Privileges, and Access Controls vulnerability in multiple products The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 2.1 |
2011-04-18 | CVE-2010-4229 | Path Traversal vulnerability in Novell Zenworks Configuration Management 10.3/10.3.1/11 Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request. | 10.0 |
2011-04-18 | CVE-2011-0988 | Permissions, Privileges, and Access Controls vulnerability in multiple products pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors. | 4.4 |
2011-04-13 | CVE-2011-0992 | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance. | 5.8 |