Stack-Based Buffer Overflow in Novell File Reporter Engine
CVE-2011-2220

Currently unrated

Key Information:

Vendor: Novell
Status: File Reporter Engine; File Reporter
Vendor: CVE Published:; 14 July 2011

What is CVE-2011-2220?

A stack-based buffer overflow vulnerability exists in NFREngine.exe within the Novell File Reporter Engine prior to version 1.0.2.53. This flaw allows remote attackers to execute arbitrary code on affected systems by sending a specially crafted RECORD element. Successful exploitation can lead to unauthorized access and full control over the vulnerable application, potentially compromising sensitive information.

References

http://download.novell.com/Download?buildid=leLxi7tQACs~

x_refsource_CONFIRM

http://securityreason.com/securityalert/8305

third-party-advisoryx_refsource_SREASON

http://secunia.com/advisories/45065

third-party-advisoryx_refsource_SECUNIA

EPSS Score

28% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2011
Vulnerability Reserved
Jun 2, 2011