PT-2007-3513 · Novell · Novell Groupwise Webaccess

Publicado

2007-04-24

Atualizado

2018-10-16

CVE-2007-2171

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Novell GroupWise WebAccess versions prior to 7.0 SP2

Description The issue is related to a stack-based buffer overflow in the base64 decode function within GWINTER.exe. This occurs when handling long base64 content in an HTTP Basic Authentication request, potentially allowing remote attackers to execute arbitrary code.

Recommendations For versions prior to 7.0 SP2, update to version 7.0 SP2 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2171

Produtos afetados

Novell Groupwise Webaccess

PT-2007-3513 · Novell · Novell Groupwise Webaccess

CVE-2007-2171

Identificadores relacionados

Produtos afetados

Referências · 11