CVE-2011-3174
Novell ZENworks Configuration Management 10.2-11 SP1 - Buffer Overflow via ISGrid.Grid2.1 ActiveX
Title source: llmDescription
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.novell.com/support/kb/doc.php?id=7009570
Patch x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-319/
Scores
EPSS
0.2027
EPSS Percentile
95.6%
Details
CWE
CWE-119
Status
published
Products (3)
novell/zenworks_configuration_management
10.2
novell/zenworks_configuration_management
10.3
novell/zenworks_configuration_management
11 sp1
Published
Jul 26, 2012
Tracked Since
Feb 18, 2026