CVE-2011-4188

2012-04-0920:55:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-4188

novell imanager

buffer overflow

remote authenticated users

denial of service

application crash

nvd

security vulnerability

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.822 High

EPSS

Percentile

98.4%

JSON

Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929.

Affected configurations

NVD

Node

novellimanagerRange≤2.7.4

novellimanagerMatch1.5

novellimanagerMatch2.0

novellimanagerMatch2.0.2

novellimanagerMatch2.5

novellimanagerMatch2.6.0

novellimanagerMatch2.7.0

novellimanagerMatch2.7.3

novellimanagerMatch2.7.3ftf4

novellimanagerMatch2.7.3sp3

CPENameOperatorVersion
novell:imanagernovell imanagerle2.7.4
novell:imanagernovell imanagereq1.5
novell:imanagernovell imanagereq2.0
novell:imanagernovell imanagereq2.0.2
novell:imanagernovell imanagereq2.5
novell:imanagernovell imanagereq2.6.0
novell:imanagernovell imanagereq2.7.0
novell:imanagernovell imanagereq2.7.3

CPE	Name	Operator	Version
novell:imanager	novell imanager	le	2.7.4
novell:imanager	novell imanager	eq	1.5
novell:imanager	novell imanager	eq	2.0
novell:imanager	novell imanager	eq	2.0.2
novell:imanager	novell imanager	eq	2.5
novell:imanager	novell imanager	eq	2.6.0
novell:imanager	novell imanager	eq	2.7.0
novell:imanager	novell imanager	eq	2.7.3