Vulnerability Description
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | File Reporter Engine | <= 1.0.2.0 |
| Novell | File Reporter | All versions |
Related Weaknesses (CWE)
References
- http://download.novell.com/Download?buildid=leLxi7tQACs~
- http://secunia.com/advisories/45065Vendor Advisory
- http://securityreason.com/securityalert/8305
- http://securitytracker.com/id?1025722
- http://www.securityfocus.com/archive/1/518632/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-11-227
- http://download.novell.com/Download?buildid=leLxi7tQACs~
- http://secunia.com/advisories/45065Vendor Advisory
- http://securityreason.com/securityalert/8305
- http://securitytracker.com/id?1025722
- http://www.securityfocus.com/archive/1/518632/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-11-227
FAQ
What is CVE-2011-2220?
CVE-2011-2220 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a...
How severe is CVE-2011-2220?
CVE-2011-2220 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2220?
Check the references section above for vendor advisories and patch information. Affected products include: Novell File Reporter Engine, Novell File Reporter.