Vulnerabilities > Novell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-23 | CVE-2010-3106 | Improper Input Validation vulnerability in Novell Iprint The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method. | 9.3 |
| 2010-08-23 | CVE-2010-3105 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2010-08-23 | CVE-2010-1527 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Iprint Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. | 9.3 |
| 2010-06-28 | CVE-2010-1930 | Numeric Errors vulnerability in Novell Imanager 2.7.0/2.7.3 Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. | 5.0 |
| 2010-06-28 | CVE-2010-1929 | Buffer Errors vulnerability in Novell Imanager 2.7.0/2.7.3 Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc. | 9.0 |
| 2010-06-21 | CVE-2010-2351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName. | 10.0 |
| 2010-06-18 | CVE-2010-0284 | Path Traversal vulnerability in Novell Access Manager 3.1 Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. | 10.0 |
| 2010-05-26 | CVE-2009-4879 | Improper Authentication vulnerability in Novell Access Manager 3 The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions. | 4.3 |
| 2010-05-26 | CVE-2009-4878 | Information Disclosure vulnerability in Novell Access Manager 3 Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. network novell | 4.3 |
| 2010-04-05 | CVE-2010-0625 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. | 6.5 |