VYPR

Zenworks Configuration Management

by Novell

CVEs (42)

  • CVE-2011-2658Jul 26, 2012
    risk 0.00cvss epss 0.03

    The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

  • CVE-2012-2223Apr 11, 2012
    risk 0.00cvss epss 0.01

    The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.

Page 3 of 3