CVE-2008-2703

Name of the Vulnerable Software and Affected Versions Novell GroupWise Messenger (GWIM) Client versions prior to 2.0.3 HP1 for Windows

Description The issue is related to multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code. This is achieved through spoofed server responses containing a long string after the NM A SZ TRANSACTION ID field name.

Recommendations For versions prior to 2.0.3 HP1, update to version 2.0.3 HP1 or later to resolve the issue. As a temporary workaround, consider restricting access to the NM A SZ TRANSACTION ID field to minimize the risk of exploitation.