Heap-Based Buffer Overflow in Novell ZENworks Desktop Management
CVE-2008-5073

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Desktop Management
Vendor: CVE Published:; 14 November 2008

What is CVE-2008-5073?

A heap-based buffer overflow exists in an ActiveX control of Novell ZENworks Desktop Management 6.5. This vulnerability can be exploited by remote attackers by sending a specially crafted argument to the CanUninstall method, leading to the execution of arbitrary code on the affected system. Organizations using this software should apply necessary patches and security measures to mitigate this risk.

References

http://securityreason.com/securityalert/4595

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/31435

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/496786/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2008
Vulnerability Reserved
Nov 14, 2008