PT-2011-1661 · Novell · Groupwise
Francis Provencher
·
Published
2011-01-31
·
Updated
2011-04-26
·
CVE-2010-4711
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Novell GroupWise versions prior to 8.02HP
Description
The issue is related to a double free vulnerability in the IMAP server component of the GroupWise Internet Agent (GWIA). This vulnerability can be exploited by remote attackers to execute arbitrary code. The exploitation is possible via a large parameter in a LIST command.
Recommendations
For versions prior to 8.02HP, update to version 8.02HP or later to resolve the issue.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Groupwise