CVE-2011-2658

EPSS 3.29%
Published 26.07.2012 22:55:01
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Zenworks Configuration Management Version10.2

Novell ≫ Zenworks Configuration Management Version10.3

Novell ≫ Zenworks Configuration Management Version11 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.29%	0.865

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://www.novell.com/support/kb/doc.php?id=7009570

Patch

http://www.zerodayinitiative.com/advisories/ZDI-11-317/

Patch

https://nvd.nist.gov/vuln/detail/CVE-2011-2658

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2658

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2658

EUVD