CVE-2011-2658

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

Published: Jul 27, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-2658
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
novell / zenworks_configuration_management	11-sp1	11-sp1.x
novell / zenworks_configuration_management	10.2	10.2.x
novell / zenworks_configuration_management	10.3	10.3.x

http://www.novell.com/support/kb/doc.php?id=7009570
http://www.zerodayinitiative.com/advisories/ZDI-11-317/

Vulnerability Database

CVE-2011-2658