Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3174

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-3174
Last Modified 27 Jul 2012 09:39:09
Published 26 Jul 2012 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3174

Summary

Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.

Vulnerable Systems

Application

  • Novell Zenworks Configuration Management 10.2

  • Novell Zenworks Configuration Management 10.3

  • Novell Zenworks Configuration Management 11


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-319/

CONFIRM - http://www.novell.com/support/kb/doc.php?id=7009570


Last Updated: 27 May 2016 10:53:34