Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for identity_manager by novell

    CVE-2016-1598 (GCVE-0-2016-1598)

    Vulnerability from nvd – Published: 2016-10-27 20:00 – Updated: 2024-08-05 23:02
    VLAI
    Summary
    XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
    Severity
    No CVSS data available.
    CWE
    • unspecified
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NetIQ IDM 4.5 Identity Applications before 4.5.4 Affected: NetIQ IDM 4.5 Identity Applications before 4.5.4
    Date Public
    2016-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:02:11.722Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "93833",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93833"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetIQ IDM 4.5 Identity Applications before 4.5.4",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "NetIQ IDM 4.5 Identity Applications before 4.5.4"
                }
              ]
            }
          ],
          "datePublic": "2016-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unspecified",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:42.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "93833",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93833"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-1598",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NetIQ IDM 4.5 Identity Applications before 4.5.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "NetIQ IDM 4.5 Identity Applications before 4.5.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unspecified"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "93833",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93833"
                },
                {
                  "name": "https://download.novell.com/Download?buildid=xyswDCMsT7I~",
                  "refsource": "CONFIRM",
                  "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-1598",
        "datePublished": "2016-10-27T20:00:00.000Z",
        "dateReserved": "2016-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:02:11.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4324 (GCVE-0-2010-4324)

    Vulnerability from nvd – Published: 2011-01-07 18:00 – Updated: 2024-08-07 03:43
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/70298 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2011/0038 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/45692 vdb-entryx_refsource_BID
    http://secunia.com/advisories/42819 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1024941 vdb-entryx_refsource_SECTRACK
    https://bugzilla.novell.com/show_bug.cgi?id=653516 x_refsource_CONFIRM
    http://support.novell.com/docs/Readmes/InfoDocume… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2011-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:43:13.758Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "70298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70298"
              },
              {
                "name": "ADV-2011-0038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0038"
              },
              {
                "name": "45692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45692"
              },
              {
                "name": "42819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42819"
              },
              {
                "name": "1024941",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1024941"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
              },
              {
                "name": "novell-approval-form-xss(64501)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "70298",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70298"
            },
            {
              "name": "ADV-2011-0038",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0038"
            },
            {
              "name": "45692",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45692"
            },
            {
              "name": "42819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42819"
            },
            {
              "name": "1024941",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1024941"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
            },
            {
              "name": "novell-approval-form-xss(64501)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4324",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "70298",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70298"
                },
                {
                  "name": "ADV-2011-0038",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0038"
                },
                {
                  "name": "45692",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45692"
                },
                {
                  "name": "42819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42819"
                },
                {
                  "name": "1024941",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1024941"
                },
                {
                  "name": "https://bugzilla.novell.com/show_bug.cgi?id=653516",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
                },
                {
                  "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html",
                  "refsource": "CONFIRM",
                  "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
                },
                {
                  "name": "novell-approval-form-xss(64501)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4324",
        "datePublished": "2011-01-07T18:00:00.000Z",
        "dateReserved": "2010-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:43:13.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3264 (GCVE-0-2010-3264)

    Vulnerability from nvd – Published: 2010-09-08 19:00 – Updated: 2024-09-17 00:42
    VLAI
    Summary
    The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/support/viewContent.do?exte… x_refsource_CONFIRM
    http://secunia.com/advisories/41194 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2226 vdb-entryx_refsource_VUPEN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:03:18.739Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
              },
              {
                "name": "41194",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41194"
              },
              {
                "name": "ADV-2010-2226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2226"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-08T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
            },
            {
              "name": "41194",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41194"
            },
            {
              "name": "ADV-2010-2226",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2226"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-3264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.novell.com/support/viewContent.do?externalId=7006705",
                  "refsource": "CONFIRM",
                  "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
                },
                {
                  "name": "41194",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41194"
                },
                {
                  "name": "ADV-2010-2226",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2226"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-3264",
        "datePublished": "2010-09-08T19:00:00.000Z",
        "dateReserved": "2010-09-08T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:42:03.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-6625 (GCVE-0-2007-6625)

    Vulnerability from nvd – Published: 2008-01-04 00:00 – Updated: 2024-08-07 16:11
    VLAI
    Summary
    The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1019144 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/27028 vdb-entryx_refsource_BID
    http://osvdb.org/40104 vdb-entryx_refsource_OSVDB
    http://support.novell.com/docs/Readmes/InfoDocume… x_refsource_CONFIRM
    http://secunia.com/advisories/28237 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/4311 vdb-entryx_refsource_VUPEN
    Date Public
    2007-12-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:11:06.190Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1019144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1019144"
              },
              {
                "name": "27028",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27028"
              },
              {
                "name": "40104",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/40104"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
              },
              {
                "name": "28237",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28237"
              },
              {
                "name": "novell-identity-asampsp-dos(39206)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
              },
              {
                "name": "ADV-2007-4311",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/4311"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1019144",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1019144"
            },
            {
              "name": "27028",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27028"
            },
            {
              "name": "40104",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/40104"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
            },
            {
              "name": "28237",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28237"
            },
            {
              "name": "novell-identity-asampsp-dos(39206)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
            },
            {
              "name": "ADV-2007-4311",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4311"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6625",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1019144",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1019144"
                },
                {
                  "name": "27028",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27028"
                },
                {
                  "name": "40104",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/40104"
                },
                {
                  "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html",
                  "refsource": "CONFIRM",
                  "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
                },
                {
                  "name": "28237",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28237"
                },
                {
                  "name": "novell-identity-asampsp-dos(39206)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
                },
                {
                  "name": "ADV-2007-4311",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/4311"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6625",
        "datePublished": "2008-01-04T00:00:00.000Z",
        "dateReserved": "2008-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:11:06.190Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-1598 (GCVE-0-2016-1598)

    Vulnerability from cvelistv5 – Published: 2016-10-27 20:00 – Updated: 2024-08-05 23:02
    VLAI
    Summary
    XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
    Severity
    No CVSS data available.
    CWE
    • unspecified
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a NetIQ IDM 4.5 Identity Applications before 4.5.4 Affected: NetIQ IDM 4.5 Identity Applications before 4.5.4
    Date Public
    2016-10-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:02:11.722Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "93833",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/93833"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NetIQ IDM 4.5 Identity Applications before 4.5.4",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "NetIQ IDM 4.5 Identity Applications before 4.5.4"
                }
              ]
            }
          ],
          "datePublic": "2016-10-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unspecified",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:42.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "93833",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/93833"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "ID": "CVE-2016-1598",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NetIQ IDM 4.5 Identity Applications before 4.5.4",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "NetIQ IDM 4.5 Identity Applications before 4.5.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unspecified"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "93833",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/93833"
                },
                {
                  "name": "https://download.novell.com/Download?buildid=xyswDCMsT7I~",
                  "refsource": "CONFIRM",
                  "url": "https://download.novell.com/Download?buildid=xyswDCMsT7I~"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2016-1598",
        "datePublished": "2016-10-27T20:00:00.000Z",
        "dateReserved": "2016-01-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:02:11.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4324 (GCVE-0-2010-4324)

    Vulnerability from cvelistv5 – Published: 2011-01-07 18:00 – Updated: 2024-08-07 03:43
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/70298 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2011/0038 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/45692 vdb-entryx_refsource_BID
    http://secunia.com/advisories/42819 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1024941 vdb-entryx_refsource_SECTRACK
    https://bugzilla.novell.com/show_bug.cgi?id=653516 x_refsource_CONFIRM
    http://support.novell.com/docs/Readmes/InfoDocume… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2011-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:43:13.758Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "70298",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70298"
              },
              {
                "name": "ADV-2011-0038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0038"
              },
              {
                "name": "45692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45692"
              },
              {
                "name": "42819",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42819"
              },
              {
                "name": "1024941",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1024941"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
              },
              {
                "name": "novell-approval-form-xss(64501)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "70298",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70298"
            },
            {
              "name": "ADV-2011-0038",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0038"
            },
            {
              "name": "45692",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45692"
            },
            {
              "name": "42819",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42819"
            },
            {
              "name": "1024941",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1024941"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
            },
            {
              "name": "novell-approval-form-xss(64501)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4324",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "70298",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70298"
                },
                {
                  "name": "ADV-2011-0038",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0038"
                },
                {
                  "name": "45692",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45692"
                },
                {
                  "name": "42819",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42819"
                },
                {
                  "name": "1024941",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1024941"
                },
                {
                  "name": "https://bugzilla.novell.com/show_bug.cgi?id=653516",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.novell.com/show_bug.cgi?id=653516"
                },
                {
                  "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html",
                  "refsource": "CONFIRM",
                  "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html"
                },
                {
                  "name": "novell-approval-form-xss(64501)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4324",
        "datePublished": "2011-01-07T18:00:00.000Z",
        "dateReserved": "2010-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:43:13.758Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3264 (GCVE-0-2010-3264)

    Vulnerability from cvelistv5 – Published: 2010-09-08 19:00 – Updated: 2024-09-17 00:42
    VLAI
    Summary
    The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/support/viewContent.do?exte… x_refsource_CONFIRM
    http://secunia.com/advisories/41194 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2010/2226 vdb-entryx_refsource_VUPEN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:03:18.739Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
              },
              {
                "name": "41194",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41194"
              },
              {
                "name": "ADV-2010-2226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2226"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2010-09-08T19:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
            },
            {
              "name": "41194",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41194"
            },
            {
              "name": "ADV-2010-2226",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2226"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-3264",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.novell.com/support/viewContent.do?externalId=7006705",
                  "refsource": "CONFIRM",
                  "url": "http://www.novell.com/support/viewContent.do?externalId=7006705"
                },
                {
                  "name": "41194",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41194"
                },
                {
                  "name": "ADV-2010-2226",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2226"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-3264",
        "datePublished": "2010-09-08T19:00:00.000Z",
        "dateReserved": "2010-09-08T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:42:03.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-6625 (GCVE-0-2007-6625)

    Vulnerability from cvelistv5 – Published: 2008-01-04 00:00 – Updated: 2024-08-07 16:11
    VLAI
    Summary
    The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1019144 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/27028 vdb-entryx_refsource_BID
    http://osvdb.org/40104 vdb-entryx_refsource_OSVDB
    http://support.novell.com/docs/Readmes/InfoDocume… x_refsource_CONFIRM
    http://secunia.com/advisories/28237 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/4311 vdb-entryx_refsource_VUPEN
    Date Public
    2007-12-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:11:06.190Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1019144",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1019144"
              },
              {
                "name": "27028",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27028"
              },
              {
                "name": "40104",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/40104"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
              },
              {
                "name": "28237",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28237"
              },
              {
                "name": "novell-identity-asampsp-dos(39206)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
              },
              {
                "name": "ADV-2007-4311",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/4311"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1019144",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1019144"
            },
            {
              "name": "27028",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27028"
            },
            {
              "name": "40104",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/40104"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
            },
            {
              "name": "28237",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28237"
            },
            {
              "name": "novell-identity-asampsp-dos(39206)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
            },
            {
              "name": "ADV-2007-4311",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/4311"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6625",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as demonstrated by a Nessus scan."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1019144",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1019144"
                },
                {
                  "name": "27028",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27028"
                },
                {
                  "name": "40104",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/40104"
                },
                {
                  "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html",
                  "refsource": "CONFIRM",
                  "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5007560.html"
                },
                {
                  "name": "28237",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28237"
                },
                {
                  "name": "novell-identity-asampsp-dos(39206)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39206"
                },
                {
                  "name": "ADV-2007-4311",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/4311"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6625",
        "datePublished": "2008-01-04T00:00:00.000Z",
        "dateReserved": "2008-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:11:06.190Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }