Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.
Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.
Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data.
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the type parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323.
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."
Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file.
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction with WAR content in the POST data, a different vulnerability than CVE-2010-5324.
The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.
Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.
Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.
Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data.
Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.
Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request.
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.
Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.
Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer.
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.
Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header.
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.
Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors.
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes.
Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.
Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.
Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.
Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."
game-music-emu before 0.6.1 mishandles unspecified integer values.