Novell ZENWorks Software Packaging ISGrid.Grid2.1 bstrSearchText Parameter Remote Code Execution Vulnerability
TPTI-11-15: December 7th, 2011
TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 11268. For further product information on the TippingPoint IPS:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the \Program Files\Common Files\InstallShield\ISGrid2.dll ActiveX control. If the DoFindReplace method is invoked with the bstrSearchText parameter set to an overly large value, a string buffer overflow will occur. This can be exploited to execute arbitrary code on the host system in the context of the browser.
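One way to check whether a host still exposes the control described above, as an added example that is not part of the original advisory or any vendor tooling. It assumes the ISGrid.Grid2.1 name in the title is the control's registered ProgID and relies on Internet Explorer's standard kill-bit registry value; the function name Get-ISGridExposure is hypothetical.

```powershell
# Added example, not vendor code. Assumptions: 'ISGrid.Grid2.1' (advisory title) is the
# control's registered ProgID; the kill bit is IE's "Compatibility Flags" value 0x400.
# Covers machine-wide (HKLM) registrations only; run from a 64-bit PowerShell session.
function Get-ISGridExposure {
    param(
        [string]$ProgId  = 'ISGrid.Grid2.1',
        [string]$DllTail = 'Common Files\InstallShield\ISGrid2.dll'
    )
    $killBit = 0x400

    # 1. Is the DLL named in the advisory present under either Program Files root?
    $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ } | Select-Object -Unique
    $dlls  = @($roots | ForEach-Object { Join-Path $_ $DllTail } | Where-Object { Test-Path -LiteralPath $_ })

    # 2. Resolve the CLSID from the ProgID at run time (no CLSID is hard-coded here).
    $clsid = $null
    foreach ($classes in 'HKLM:\SOFTWARE\Classes', 'HKLM:\SOFTWARE\WOW6432Node\Classes') {
        $key = Join-Path $classes "$ProgId\CLSID"
        if (Test-Path -LiteralPath $key) {
            $clsid = (Get-Item -LiteralPath $key).GetValue('')
            break
        }
    }

    # 3. Check the kill bit in each registry view that exists on this host.
    $killBitSet = @()
    if ($clsid) {
        foreach ($sw in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node') {
            if (-not (Test-Path -LiteralPath $sw)) { continue }   # e.g. 32-bit OS
            $key   = "$sw\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
            $flags = 0
            if (Test-Path -LiteralPath $key) {
                $flags = [int](Get-Item -LiteralPath $key).GetValue('Compatibility Flags', 0)
            }
            $killBitSet += [bool]($flags -band $killBit)
        }
    }

    [pscustomobject]@{
        DllPaths   = $dlls
        Clsid      = $clsid
        KillBitSet = $killBitSet    # one entry per registry view checked
        Exposed    = [bool]($clsid -and ($killBitSet -contains $false))
    }
}

Get-ISGridExposure | Format-List
```

Exposed is true when the control is registered and at least one registry view lacks the kill bit, meaning a browser process in that view can still instantiate it.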
2011-05-31 - Vulnerability reported to vendor
2011-12-07 - Coordinated public release of advisory
Credit
This vulnerability was discovered by:
Jonathan Andersson, TippingPoint DVLabs