CVE-2011-2220

Name of the Vulnerable Software and Affected Versions Novell File Reporter Engine versions prior to 1.0.2.53

Description The issue is related to a stack-based buffer overflow in NFREngine.exe, which can be exploited by remote attackers to execute arbitrary code. This is achieved by sending a crafted RECORD element.

Recommendations For versions prior to 1.0.2.53, update to version 1.0.2.53 or later to resolve the issue. As a temporary workaround, consider restricting access to the NFREngine.exe to minimize the risk of exploitation.