Arbitrary Code Execution Vulnerability in ISList.ISAvi ActiveX Control in Novell ZENworks Configuration Management
CVE-2011-2658 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.
Learn more about our Aws Audit.