CVE-2012-0271

Name of the Vulnerable Software and Affected Versions Novell GroupWise versions 8.0 through 8.0.3 HP1 and 2012 before SP1

Description The issue is related to an integer overflow in the WebConsole component of the GroupWise Internet Agent (GWIA), which could potentially allow remote attackers to execute arbitrary code. This can be triggered by a crafted request, such as one with -1 in the Content-Length HTTP header, leading to a heap-based buffer overflow.

Recommendations For Novell GroupWise versions 8.0 through 8.0.3 HP1, update to version 8.0.3 HP1 or later. For Novell GroupWise 2012 before SP1, update to SP1 or later.