Arbitrary Code Execution Vulnerability in ISList.ISAvi ActiveX Control in Novell ZENworks Configuration Management

Arbitrary Code Execution Vulnerability in ISList.ISAvi ActiveX Control in Novell ZENworks Configuration Management

CVE-2011-2658 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.

Learn more about our Aws Audit.