Lucene search

[email protected]CVE-2011-1710

HistoryDec 31, 2011 - 1:55 a.m.

CVE-2011-1710

2011-12-3101:55:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2011-1710

integer overflows

http server

novell xtier

denial of service

code execution

8.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.0%

JSON

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables.

CPENameOperatorVersion
novell:xtier_frameworknovell xtier frameworkeq3.1.8

CPE	Name	Operator	Version
novell:xtier_framework	novell xtier framework	eq	3.1.8

References

download.novell.com/patch/finder/?keywords=b8833ce91ca8c8d2a478a8a32a2e2efb

lists.opensuse.org/opensuse-security-announce/2011-10/msg00012.html

support.novell.com/security/cve/CVE-2011-1710.html

bugzilla.novell.com/585440

8.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

87.0%

JSON

Related for CVE-2011-1710

prion1 suse1 nessus1 cvelist1