Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:novell:file_reporter:1.0.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-4959 |
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. Published: November 18, 2012; 2:55:01 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2012-4958 |
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record. Published: November 18, 2012; 2:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-4957 |
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. Published: November 18, 2012; 2:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-4956 |
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record. Published: November 18, 2012; 2:55:01 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2011-2750 |
NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD. Published: July 17, 2011; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2011-2220 |
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element. Published: July 14, 2011; 7:55:02 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |