Zenworks Configuration Management@10.2 Security Vulnerabilities and Issues — Zenworks Configuration Management@10.2 CVE List

Lucene search

NovellZenworks Configuration Management10.2

9 matches found

CVE•added 2012/07/26 10:55 p.m.•130 views

CVE-2011-3174

Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.

6.8CVSS8.1AI score0.20272EPSS

CVE•added 2012/07/26 10:55 p.m.•111 views

CVE-2011-2657

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...

6.8CVSS7.5AI score0.74401EPSS

CVE•added 2015/06/07 11:59 p.m.•44 views

CVE-2010-5323

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction with WAR content in the POST d...

10CVSS7.6AI score0.75507EPSS

CVE•added 2013/11/02 8:55 p.m.•44 views

CVE-2013-6346

Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8CVSS7.2AI score0.00896EPSS

CVE•added 2013/11/02 8:55 p.m.•41 views

CVE-2013-6347

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

6.8CVSS6.8AI score0.02398EPSS

CVE•added 2013/11/02 8:55 p.m.•38 views

CVE-2013-6344

The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.

4.3CVSS6.2AI score0.00589EPSS

CVE•added 2013/11/02 8:55 p.m.•37 views

CVE-2013-6345

Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."

10CVSS6.5AI score0.0023EPSS

CVE•added 2015/06/07 11:59 p.m.•36 views

CVE-2010-5324

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the type parameter, in conjunct...

10CVSS7.7AI score0.75507EPSS

CVE•added 2012/07/26 10:55 p.m.•36 views

CVE-2011-2658

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

6.8CVSS8AI score0.03292EPSS