Novell File Reporter 1.0.2 contains multiple vulnerabilities including a heap overflow, arbitrary file retrieval, and arbitrary file upload.
The Rapid7 advisory states:
CVE-2012-4956 - Heap Overflow
A remote unauthenticated attacker may be able to execute code, retrieve arbitrary files, and upload arbitrary files to the host.
Apply an Update
Thanks to Juan Vazquez for reporting this vulnerability.
This document was written by Jared Allar.