HIGH🇵🇱 Wersja polska

CVE-2010-1929

CVSS 9.0v2.0pub. 2010-06-28upd. 2026-04-29

Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

CVSS Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
  • Novell Imanager

    APP
    Novell
    2.7.02.7.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2017-7432CRITICAL9.8ten sam produkt

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload...

CVE-2017-7431HIGH8.8ten sam produkt

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF i...

CVE-2017-5186HIGH7.5ten sam produkt

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 ...

CVE-2013-3268HIGH10.0ten sam produkt

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified i...

CVE-2009-4486HIGH7.5ten sam produkt

Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers t...