Stack-based Buffer Overflow in Novell GroupWise Messenger Client
CVE-2008-2703

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise Messenger
Vendor: CVE Published:; 13 June 2008

Summary

Multiple stack-based buffer overflows exist in the Novell GroupWise Messenger Client prior to version 2.0.3 HP1 for Windows. These vulnerabilities enable remote attackers to execute arbitrary code by sending specially crafted server responses that contain excessively long strings after the NM_A_SZ_TRANSACTION_ID field name. This may lead to unauthorized access, data breaches, or system compromise, highlighting a critical need for prompt updates and diligent security practices.

References

http://www.securityfocus.com/bid/29602

vdb-entryx_refsource_BID

http://secunia.com/advisories/30576

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/42917

vdb-entryx_refsource_XF

EPSS Score

71% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 13, 2008
Vulnerability Reserved
Jun 13, 2008