Environment
Novell Data Synchronizer Mobility Pack 1.0
Novell Data Synchronizer Mobility Pack 1.1
Situation
Novell Data Synchronizer Mobility Pack 1.1.2, and earlier, has a vulnerability that, in certain circumstances could allow client-side attacks, such as cross-site scripting
Resolution
- Please download Mobility Pack 1.2 or later from the following link
https://download.novell.com/patch/finder/#familyId=37123&productId=&dateRange=&startDate=&endDate=&priority=&distribution=&architecture=&keywords== - Please follow the steps listed in the following TID to apply Mobility Pack 1.2 or later
https://support.microfocus.com/kb/doc.php?id=7007012&sliceId=2&docTypeID=DT_TID_1_1&dialogID=250982096&stateId=0 0 250984074 0 250984074
Status
Security AlertAdditional Information
Notes:
Affected versions:
Novell Data Synchronizer 1.0.x (all builds)
Novell Data Synchronizer 1.1.2 build 428 and earlier.
Novell Data Synchronizer 1.0.x (all builds)
Novell Data Synchronizer 1.1.2 build 428 and earlier.
CVE-2011-2224