Novell.ZENworks.LaunchHelp.ActiveX.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Novell ZENworks.
The vulnerability, which is located in the "LaunchHelp.dll" ActiveX control, can be exploited through misuse of a particular ActiveX control method in "LaunchHelp.HelpLauncher". As a result, an attacker can trick an unsuspecting into visiting a malicious webpage and execute arbitrary code within the context of the application.
Affected Products
Novell ZENWorks AdminStudio all versions
Novell ZENworks Configuration Management 10.x
Novell ZENworks Configuration Management 11.x
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch available from the website.
http://www.novell.com/support/viewContent.do?externalId=7009570&sliceId=1
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |