Novell: >> Identity Manager >> 3.5.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.018
Published
2011-01-07
The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan.
CVSS Score
5.0
EPSS Score
0.04
Published
2008-01-04