CVE-2011-2658

CVSS 6.8 - MEDIUM

Description

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

Affected Products

3

Vendor	Product	Version
novell	zenworks_configuration_management	`10.2`
novell	zenworks_configuration_management	`10.3`
novell	zenworks_configuration_management	`11`

References

http://www.novell.com/support/kb/doc.php?id=700957...

http://www.zerodayinitiative.com/advisories/ZDI-11...

http://www.novell.com/support/kb/doc.php?id=700957...

http://www.zerodayinitiative.com/advisories/ZDI-11...

Weakness Types

CWE-264

CVE Information

CVE ID:: CVE-2011-2658
Published:: 2012-07-26
Modified:: 2026-04-29
CVSS Score:: 6.8
Severity:: MEDIUM
Vector:: AV:N/AC:M/Au:N/C:P/I:P/A:P

Affected Vendors

novell

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL