Heap-based Buffer Overflow in Novell File Reporter by Novell
CVE-2012-4956

Currently unrated

Key Information:

Vendor: Novell
Status: File Reporter
Vendor: CVE Published:; 18 November 2012

Summary

A heap-based buffer overflow vulnerability exists in NFRAgent.exe in Novell File Reporter 1.0.2. This issue allows remote attackers to exploit the application by sending a specially crafted record containing an excessive number of VOL elements. The flaw can result in arbitrary code execution, presenting significant risks to systems running the software. Users of Novell File Reporter should take immediate actions to mitigate potential threats associated with this vulnerability.

References

http://www.kb.cert.org/vuls/id/273371

third-party-advisoryx_refsource_CERT-VN

http://osvdb.org/87574

vdb-entryx_refsource_OSVDB

https://community.rapid7.com/community/metasploit/blog/20...

x_refsource_MISC

EPSS Score

70% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 18, 2012
Vulnerability Reserved
Sep 17, 2012