ZHM 7 Remote Code Execution Vulnerability

  • 7009489
  • 05-Oct-2011
  • 16-Mar-2012

Environment

Novell ZENworks 7 Handheld Management - ZHM7

Situation

A security vulnerability exists with Novell ZENworks Handheld Management which could allow remote attackers to execute arbitrary code.

Resolution

A fix is available at https://download.novell.com/Download?buildid=Fz0LYfG9qCU~ as "ZHM 7 Remote Code Execution Vulnerability - see TID 7009489"

Additional Information

This was reported as V-kndy58lcwg AND V-ce0xct1eor by iDefense. This vulnerability was discovered by: Luigi Auriemma
CVE-2011-2656
CVE-2011-2655