Security Vulnerability with ZDM7 Remote Management

  • 7007320
  • 06-Dec-2010
  • 30-Apr-2012


Novell ZENworks 7 Desktop Management Support Pack 1 - ZDM7 SP1 Remote Management


A Security Vulnerability exists in ZDM7 code which allows remote attackers to execute arbitrary code which can over run buffers and corrupt the heap for the session. 


Fixed in ZENworks 7 Desktop Management Service Pack 1 Interim Release 4 Hot Patch 5, see KB 3484245 "Updates to Novell ZENworks 7 Desktop Management" which can be found at


Security Alert

Additional Information

This was reported as ZDI-CAN-749 by TippingPoint Corportation, this vulnerability was discovered by:  SB