CVE-2014-4509
Low
Low
Medium
High
Critical
CVSS Score
Vulnerability Description
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Known Affected Software
1 configuration(s) from 1 vendor(s)
identity_manager
Version:
4.0.2
CPE:
cpe:2.3:a:netiq:identity_manager:4.0.2:*:*:*:*:*:*:*
This vulnerability affects 1 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://download.novell.com/Download?buildid=5XLmBl54_Rg~cve@mitre.org Patch
-
http://www.securityfocus.com/bid/68139cve@mitre.org Third Party Advisory VDB Entry
-
http://download.novell.com/Download?buildid=5XLmBl54_Rg~af854a3a-2127-422b-91ae-364da2661108 Patch
-
http://www.securityfocus.com/bid/68139af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory VDB Entry
Severity Details
out of 10.0
Low
Key Information
- Published Date
- June 21, 2014
