Stack-based Buffer Overflow in Novell File Reporter by Novell
CVE-2011-0994

Currently unrated

Key Information:

Vendor: Novell
Status: File Reporter
Vendor: CVE Published:; 10 April 2011

What is CVE-2011-0994?

The vulnerability involves a stack-based buffer overflow in the NFRAgent.exe component of Novell File Reporter versions earlier than 1.0.2. This flaw can be exploited by remote attackers via malicious XML data, potentially allowing them to execute arbitrary code on the affected systems. Organizations using this product should assess their current version and apply the necessary updates to safeguard against this security threat.

References

http://secunia.com/advisories/43975

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1025292

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/47144

vdb-entryx_refsource_BID

EPSS Score

29% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2011
Vulnerability Reserved
Feb 14, 2011