Vulnerability CVE-2013-1092


Published: 2013-05-05

Description:
Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe.

Type:

CWE-Other

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Novell -> Zenworks desktop management 

 References:
http://download.novell.com/Download?buildid=hT-LlTRPOfw
~
http://www.novell.com/support/kb/doc.php?id=7012147

Copyright 2024, cxsecurity.com

 

Back to Top