Novell: Security Vulnerabilities
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.
CVSS Score
10.0
EPSS Score
0.199
Published
2012-02-21
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
CVSS Score
9.3
EPSS Score
0.196
Published
2012-02-21
Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.
CVSS Score
7.5
EPSS Score
0.106
Published
2012-02-02
Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables.
CVSS Score
7.5
EPSS Score
0.023
Published
2011-12-31
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
CVSS Score
4.0
EPSS Score
0.142
Published
2011-12-29
Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
CVSS Score
10.0
EPSS Score
0.832
Published
2011-12-08
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command.
CVSS Score
5.0
EPSS Score
0.017
Published
2011-12-08
Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field.
CVSS Score
7.5
EPSS Score
0.141
Published
2011-11-30
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
CVSS Score
7.5
EPSS Score
0.151
Published
2011-11-30
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2656.
CVSS Score
9.3
EPSS Score
0.055
Published
2011-10-24