CVE-2006-6299

3 documents3 sources

Severity

10.0CRITICAL

EPSS

17.2%

top 4.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Zenworks Asset Management

Timeline

PublishedDec 5

Latest updateMay 1

Description

Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDnovell/zenworks_asset_management7

Patches

Patch: labs.idefense.com ↗Patch: labs.idefense.com ↗Patch: support.novell.com ↗

🔴Vulnerability Details

GHSA

GHSA-4xpq-xp4w-2q9f: Integer overflow in Msg↗2022-05-01

▶

CVEList

CVE-2006-6299: Integer overflow in Msg↗2006-12-05

▶