CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-3174

Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.203

EPSS Ranking 95.2%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-319/
http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-319/

Products affected by CVE-2011-3174

Novell » Zenworks Configuration Management » Version: 10.2

cpe:2.3:a:novell:zenworks_configuration_management:10.2
Novell » Zenworks Configuration Management » Version: 10.3

cpe:2.3:a:novell:zenworks_configuration_management:10.3
Novell » Zenworks Configuration Management » Version: 11

cpe:2.3:a:novell:zenworks_configuration_management:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3174

Products

Pricing

Contact Us