CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2658

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.8%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-317/
http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-317/

Products affected by CVE-2011-2658

Novell » Zenworks Configuration Management » Version: 10.2

cpe:2.3:a:novell:zenworks_configuration_management:10.2
Novell » Zenworks Configuration Management » Version: 10.3

cpe:2.3:a:novell:zenworks_configuration_management:10.3
Novell » Zenworks Configuration Management » Version: 11

cpe:2.3:a:novell:zenworks_configuration_management:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2658

Products

Pricing

Contact Us