Heap-Based Buffer Overflow in Novell GroupWise Internet Agent
CVE-2011-0333

Currently unrated

Key Information:

Vendor

Novell
Status
Groupwise
Vendor
CVE Published:
8 October 2011

What is CVE-2011-0333?

A heap-based buffer overflow vulnerability exists in the NgwiCalVTimeZoneBody::ParseSelf function within gwwww1.dll in Novell's GroupWise Internet Agent. This vulnerability allows remote attackers to exploit a crafted TZNAME variable in a VCALENDAR attachment within an email, potentially leading to arbitrary code execution. The vulnerability arises due to an integer truncation error, which can be leveraged by attackers to manipulate the memory flow of the software and execute unintended commands.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://labs.idefense.com/verisign/intelligence/2009/vuln...
third-party-advisoryx_refsource_IDEFENSE
http://secunia.com/secunia_research/2011-66/
x_refsource_MISC
https://bugzilla.novell.com/show_bug.cgi?id=678715
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.