exploitDog

CVE-2011-3174

Опубликовано: 26 июл. 2012

Источник: nvd

CVSS2: 6.8

EPSS Средний

Описание

Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.

Ссылки

http://www.novell.com/support/kb/doc.php?id=7009570
Patch
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-319/
Patch
http://www.novell.com/support/kb/doc.php?id=7009570
Patch
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-319/
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:novell:zenworks_configuration_management:10.2:*:*:*:*:*:*:*

cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*

cpe:2.3:a:novell:zenworks_configuration_management:11:sp1:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.20272

Средний

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-2f8r-hw2f-68f2

github

больше 3 лет назад

Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.

EPSS

Процентиль: 95%

0.20272

Средний

6.8 Medium

CVSS2

Дефекты

CWE-119