High

DATE	CVE	VULNERABILITY TITLE	RISK
2011-08-23	CVE-2011-2651	Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename. network low complexity marcus-schafer novell	7.5
2011-08-23	CVE-2011-2649	Improper Input Validation vulnerability in multiple products Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call. network low complexity marcus-schafer novell CWE-20	7.5
2011-08-23	CVE-2011-2648	Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file. network low complexity marcus-schafer novell	7.5
2011-08-23	CVE-2011-2647	Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files. network low complexity marcus-schafer novell	7.5
2011-08-23	CVE-2011-2646	Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files. network low complexity marcus-schafer novell	7.5
2011-08-23	CVE-2011-2645	Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM. network low complexity marcus-schafer novell	7.5