CVE-2010-4299

EPSS 9.41%
Published 22.11.2010 12:54:11
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Zenworks Handheld Management Version7

Novell ≫ Zenworks Handheld Management Version7 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	9.41%	0.924

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://marc.info/?l=full-disclosure&m=128916914213292&w=2

Patch

Third Party Advisory

http://secunia.com/advisories/42130

Permissions Required

http://www.novell.com/support/viewContent.do?externalId=7007135

Vendor Advisory

http://www.securitytracker.com/id?1024691

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-10-230/

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2010-4299

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-4299

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-4299

EUVD