Lucene search

[email protected]CVE-2011-2220

HistoryJul 14, 2011 - 11:55 p.m.

CVE-2011-2220

2011-07-1423:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-2220

buffer overflow

nfrengine.exe

novell file reporter engine

remote code execution

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.896 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element.

CPENameOperatorVersion
novell:file_reporter_enginenovell file reporter enginele1.0.2.0
novell:file_reporternovell file reportereq*

CPE	Name	Operator	Version
novell:file_reporter_engine	novell file reporter engine	le	1.0.2.0
novell:file_reporter	novell file reporter	eq	*

References

download.novell.com/Download?buildid=leLxi7tQACs~

secunia.com/advisories/45065

securityreason.com/securityalert/8305

securitytracker.com/id?1025722

www.securityfocus.com/archive/1/518632/100/0/threaded

www.zerodayinitiative.com/advisories/ZDI-11-227

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.896 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2011-2220

prion1 checkpoint_advisories1 openvas2 zdi1 securityvulns2 nessus1