Novell : Security Vulnerabilities, CVEs, Published In January 2007

CVE-2007-0110

Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message.
Max CVSS
6.8
EPSS Score
3.03%
Published
2007-01-09
Updated
2011-03-08

CVE-2007-0108

nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.
Max CVSS
6.0
EPSS Score
0.62%
Published
2007-01-09
Updated
2017-07-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close