Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.
AV:N/AC:L/Au:S/C:C/I:C/A:CNovell Imanager
APPNovell2.7.02.7.3
Related vulnerabilities
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload...
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF i...
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 ...
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified i...
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers t...