Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5073

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5073
Last Modified 29 Jan 2009 01:58:12
Published 14 Nov 2008 01:07:59
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5073

Summary

Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method.

Vulnerable Systems

Application

  • Novell Zenworks Desktop Management 6.5


References

XF - novell-zenworks-activex-bo(45462)

BID - 31435

BUGTRAQ - 20080927 Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC

SREASON - 4595


Last Updated: 27 May 2016 10:48:42