Heap-Based Buffer Overflow in Novell Zenworks 7 Handheld Management
CVE-2010-4299

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Handheld Management
Vendor: CVE Published:; 22 November 2010

What is CVE-2010-4299?

A heap-based buffer overflow exists in the ZfHIPCND.exe component of Novell Zenworks 7 Handheld Management, enabling remote attackers to execute arbitrary code. This vulnerability can be exploited through a specially crafted request sent to TCP port 2400, potentially leading to unauthorized access and control over the affected system. Proper mitigation strategies should be implemented to safeguard against such attacks.

References

http://marc.info/?l=full-disclosure&m=128916914213292&w=2

mailing-listx_refsource_FULLDISC

http://www.novell.com/support/viewContent.do?externalId=7...

x_refsource_CONFIRM

http://www.securitytracker.com/id?1024691

vdb-entryx_refsource_SECTRACK

EPSS Score

12% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2010
Vulnerability Reserved
Nov 20, 2010