GCVE - cpe:2.3:a:novell:imanager:2.7.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:novell:imanager:2.7.3:*:*:*:*:*:*:*

part: a version: 2.7.3 update: *

Vendor	Novell (`4a1c187d-e568-531f-92b0-685a3df2807c`)
Product	Imanager (`cb2d046e-cd14-5e88-8822-30fac5840d93`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-3268`	vulnerable	2026-06-03 14:33:06.459848	Details available Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. Published: 2013-04-24T10:00:00.000Z Updated: 2024-08-06T16:07:37.345Z Open on db.gcve.eu Reference links http://www.novell.com/support/kb/doc.php?id=7010166 https://exchange.xforce.ibmcloud.com/vulnerabilities/83761 https://bugzilla.novell.com/show_bug.cgi?id=807429 http://www.securityfocus.com/bid/59450	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1088`	vulnerable	2026-06-03 14:32:47.959121	Details available Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container. Published: 2013-04-24T10:00:00.000Z Updated: 2024-08-06T14:49:20.617Z Open on db.gcve.eu Reference links http://www.novell.com/support/kb/doc.php?id=7010166 https://bugzilla.novell.com/show_bug.cgi?id=726260	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4188`	vulnerable	2026-06-03 14:31:23.472857	Details available Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. Published: 2012-04-09T20:00:00.000Z Updated: 2024-08-07T00:01:51.006Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id?1026894 https://exchange.xforce.ibmcloud.com/vulnerabilities/74669 http://www.novell.com/support/viewContent.do?externalId=7002971 http://secunia.com/advisories/48672	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1930`	vulnerable	2026-06-03 14:30:17.415705	Details available Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. Published: 2010-06-28T17:00:00.000Z Updated: 2024-08-07T02:17:13.184Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/40485 http://www.vupen.com/english/advisories/2010/1575 http://securitytracker.com/id?1024152 http://www.osvdb.org/65738 http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-1929`	vulnerable	2026-06-03 14:30:17.414691	Details available Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc. Published: 2010-06-28T17:00:00.000Z Updated: 2024-08-07T02:17:13.540Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/40480 http://www.vupen.com/english/advisories/2010/1575 https://exchange.xforce.ibmcloud.com/vulnerabilities/59694 http://securitytracker.com/id?1024152 http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.