CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2657

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.744

EPSS Ranking 98.8%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.exploit-db.com/exploits/19718/
http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-318/
http://www.exploit-db.com/exploits/19718/
http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-318/

Products affected by CVE-2011-2657

Novell » Zenworks Configuration Management » Version: 10.2

cpe:2.3:a:novell:zenworks_configuration_management:10.2
Novell » Zenworks Configuration Management » Version: 10.3

cpe:2.3:a:novell:zenworks_configuration_management:10.3
Novell » Zenworks Configuration Management » Version: 11

cpe:2.3:a:novell:zenworks_configuration_management:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2657

Products

Pricing

Contact Us