Published: 28/06/2010 Updated: 10/10/2018

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 905

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell imanager 2.7.3
novell imanager 2.7.0

Core Security Technologies Advisory - Novell iManager is prone to a stack-based buffer overflow vulnerability that can be exploited by authenticated users to execute arbitrary code, and to an off-by-one error that can be abused by remote, unauthenticated attackers to cause a Denial of Service to the application ...

CWE-119 http://secunia.com/advisories/40281 http://www.securityfocus.com/bid/40480 http://securitytracker.com/id?1024152 http://www.osvdb.org/65737 http://www.vupen.com/english/advisories/2010/1575 http://www.exploit-db.com/exploits/14010 http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/59694 http://www.securityfocus.com/archive/1/511983/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/14010/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1929

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect