Remote Code Execution in GroupWise Internet Agent by Novell
CVE-2011-0334

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise
Vendor: CVE Published:; 8 October 2011

Summary

A stack-based buffer overflow vulnerability exists in the GroupWise Internet Agent (GWIA) component of Novell GroupWise 8.0 prior to HP3. An attacker can exploit this vulnerability by sending a crafted HTTP request containing an excessively long .css file. Successful exploitation may lead to the execution of arbitrary code on the affected system, allowing attackers to compromise the integrity and confidentiality of sensitive data.

References

https://bugzilla.novell.com/show_bug.cgi?id=678939

x_refsource_CONFIRM

http://www.novell.com/support/viewContent.do?externalId=7...

x_refsource_CONFIRM

http://secunia.com/secunia_research/2011-67/

x_refsource_MISC

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 8, 2011