Remote Code Execution Vulnerability in Novell GroupWise
CVE-2014-0610

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise
Vendor: CVE Published:; 5 September 2014

Summary

A vulnerability exists in Novell GroupWise prior to versions 8.0.3 HP4, 2012 SP3, and 2014 SP1, which allows malicious remote attackers to exploit unspecified vectors. This exploitation can result in arbitrary code execution or trigger a denial of service by invoking an invalid pointer dereference. Users and organizations utilizing affected versions should take immediate steps to mitigate the risks associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95738

vdb-entryx_refsource_XF

http://www.novell.com/support/kb/doc.php?id=7015565

x_refsource_CONFIRM

http://www.securitytracker.com/id/1030802

vdb-entryx_refsource_SECTRACK

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 5, 2014
Vulnerability Reserved
Dec 28, 2013