Summary
This host is installed with Novell File Reporter and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM privileges or cause denial of service.
Impact Level: Application/System
Solution
Upgrade Novell File Reporter 1.0.2 or later,
For updates refer to http://download.novell.com/Download?buildid=rCAgCcbPH9s~
Insight
The flaw exists within 'NFRAgent.exe' module, which allows remote attackers to execute arbitrary code via unspecified XML data to port 3037.
Affected
Novell File Reporter (NFR) before 1.0.2
References
Severity
Classification
-
CVE CVE-2011-0994 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- ChaSen Buffer Overflow Vulnerability (Linux)
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability
- BarCodeWiz 'BarcodeWiz.dll' ActiveX Control BOF Vulnerability