PT-2011-2277 · Novell · Novell Groupwise

Published

2011-10-08

Updated

2012-05-14

CVE-2011-0334

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Novell GroupWise versions 8.0 before HP3

Description The issue is a stack-based buffer overflow in the gwia.exe component of the GroupWise Internet Agent (GWIA) in Novell GroupWise. This occurs when a remote attacker sends a long HTTP request for a .css file, potentially allowing the execution of arbitrary code.

Recommendations For Novell GroupWise versions 8.0 before HP3, apply the HP3 patch to resolve the issue.

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2011-0334

Affected Products

Novell Groupwise

PT-2011-2277 · Novell · Novell Groupwise

CVE-2011-0334

Weakness Enumeration

Related Identifiers

Affected Products

References · 5