Filtered by vendor Novell
Subscribe
Total
671 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-4185 | 2 Microsoft, Novell | 2 Windows, Iprint | 2024-11-21 | 10.0 HIGH | N/A |
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. | |||||
CVE-2011-3827 | 1 Novell | 1 Groupwise | 2024-11-21 | 4.3 MEDIUM | N/A |
The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted date-time string in a .ics attachment. | |||||
CVE-2011-3179 | 1 Novell | 2 Groupwise Messenger, Messenger | 2024-11-21 | 5.0 MEDIUM | N/A |
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command. | |||||
CVE-2011-3176 | 1 Novell | 1 Zenworks Configuration Management | 2024-11-21 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request. | |||||
CVE-2011-3175 | 1 Novell | 1 Zenworks Configuration Management | 2024-11-21 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. | |||||
CVE-2011-3174 | 1 Novell | 1 Zenworks Configuration Management | 2024-11-21 | 6.8 MEDIUM | N/A |
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter. | |||||
CVE-2011-3173 | 1 Novell | 1 Iprint Open Enterprise Server 2 | 2024-11-21 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field. | |||||
CVE-2011-3014 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-11-21 | 5.0 MEDIUM | N/A |
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. | |||||
CVE-2011-3013 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-11-21 | 5.0 MEDIUM | N/A |
WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack. | |||||
CVE-2011-2750 | 1 Novell | 1 File Reporter | 2024-11-21 | 5.0 MEDIUM | N/A |
NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD. | |||||
CVE-2011-2663 | 1 Novell | 1 Groupwise | 2024-11-21 | 10.0 HIGH | N/A |
Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message. | |||||
CVE-2011-2662 | 1 Novell | 1 Groupwise | 2024-11-21 | 10.0 HIGH | N/A |
Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message. | |||||
CVE-2011-2661 | 1 Novell | 1 Groupwise | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter. | |||||
CVE-2011-2658 | 1 Novell | 1 Zenworks Configuration Management | 2024-11-21 | 6.8 MEDIUM | N/A |
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws. | |||||
CVE-2011-2657 | 1 Novell | 1 Zenworks Configuration Management | 2024-11-21 | 6.8 MEDIUM | N/A |
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument. | |||||
CVE-2011-2656 | 1 Novell | 1 Zenworks Handheld Management | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655. | |||||
CVE-2011-2655 | 1 Novell | 1 Zenworks Handheld Management | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2656. | |||||
CVE-2011-2654 | 1 Novell | 1 Cloud Manager | 2024-11-21 | 9.3 HIGH | N/A |
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session. | |||||
CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2024-11-21 | 10.0 HIGH | N/A |
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | |||||
CVE-2011-2652 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file. |