CVE-2013-1092

Name of the Vulnerable Software and Affected Versions Novell ZENworks Desktop Management versions 7 through 7.1

Description The issue is related to unquoted Windows search path vulnerabilities, which might allow local users to gain privileges. This could occur via a Trojan horse "program" file in the C: folder, specifically when attempting to launch ZenRem32.exe or wm.exe.

Recommendations For Novell ZENworks Desktop Management versions 7 through 7.1, consider updating to a version that includes the necessary security fixes to prevent exploitation of the unquoted Windows search path vulnerabilities. As a temporary workaround, restrict access to the C: folder to minimize the risk of a Trojan horse program being placed there.