← Voltar para CVEs
CVE-2011-2657
N/ADescricao
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado7/26/2012
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
novell:zenworks_configuration_management
Fraquezas (CWE)
CWE-22
Referencias
http://www.exploit-db.com/exploits/19718/(cve@mitre.org)
http://www.novell.com/support/kb/doc.php?id=7009570(cve@mitre.org)
http://www.zerodayinitiative.com/advisories/ZDI-11-318/(cve@mitre.org)
http://www.exploit-db.com/exploits/19718/(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/support/kb/doc.php?id=7009570(af854a3a-2127-422b-91ae-364da2661108)
http://www.zerodayinitiative.com/advisories/ZDI-11-318/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.