Directory Traversal Vulnerability in Novell ZENworks Configuration Management
CVE-2013-1079

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Configuration Management
Vendor: CVE Published:; 29 March 2013

Summary

A directory traversal vulnerability exists in the ISCreateObject method of an ActiveX control within the InstallShield ISProxy.dll, affecting various versions of Novell ZENworks Configuration Management. This flaw allows remote attackers to exploit crafted web pages to execute arbitrary local DLL files by invoking the Initialize method, potentially compromising system integrity and security.

References

http://www.zerodayinitiative.com/advisories/ZDI-13-048/

x_refsource_MISC

http://www.novell.com/support/kb/doc.php?id=7011811

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 29, 2013