Unrated severityNVD Advisory· Published Jun 28, 2010· Updated Apr 29, 2026

CVE-2010-1929

Description

Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

Affected products

Novell/Imanager3 versions
cpe:2.3:a:novell:imanager:2.7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:novell:imanager:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:ftf2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilitiesnvdExploit
www.exploit-db.com/exploits/14010nvdExploit
www.securityfocus.com/bid/40480nvdExploit
secunia.com/advisories/40281nvdVendor Advisory
www.vupen.com/english/advisories/2010/1575nvdVendor Advisory
www.osvdb.org/65737nvd
www.securityfocus.com/archive/1/511983/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/59694nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000