CVSS: 10.0EPSS: 33%CPEs: 43EXPL: 2CVE-2012-0271 – Novell Groupwise 8.0.2 HP3 and 2012 - Integer Overflow
https://notcve.org/view.php?id=CVE-2012-0271
19 Sep 2012 — Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header. Un desbordamiento de entero en el componente de consola web en gwia.exe en el Agente de Internet de GroupWise (GWIA) en Novell GroupWise v8.0 antes de v8.0.3 HP1 y 20... • https://www.exploit-db.com/exploits/21326 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 3%CPEs: 43EXPL: 0CVE-2012-0410
https://notcve.org/view.php?id=CVE-2012-0410
05 Jul 2012 — Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter. Una vulnerabilidad de salto de directorio en Novell GroupWise WebAccess antes de v8.03 permite a atacantes remotos leer ficheros de su elección mediante el parámetro User.interface. • http://www.novell.com/support/kb/doc.php?id=7000708 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 12%CPEs: 32EXPL: 1CVE-2010-4711 – Novell Groupwise Internet Agent - IMAP 'LIST' Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-4711
31 Jan 2011 — Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. Vulnerabilidad de doble liberación de memoria en el componente de servidor IMAP en GroupWise Agente de Internet (GWIA) en Novell GroupWise antes de v8.02HP permite a atacantes remotos ejecutar código arbitrario mediante un parámetro largo en un comando LIST. • https://www.exploit-db.com/exploits/15463 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 23%CPEs: 32EXPL: 0CVE-2010-4712
https://notcve.org/view.php?id=CVE-2010-4712
31 Jan 2011 — Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. Múltiples desbordamientos de búfer basado en pila en gwia.exe en GroupWise Internet Agent (GWIA)de Novell GroupWise antes de v8.02HP, permite a atacantes remotos ejecutar código de su elección a través de una cabecera Cont... • http://www.facebook.com/note.php?note_id=477865030928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 32EXPL: 0CVE-2010-4713
https://notcve.org/view.php?id=CVE-2010-4713
31 Jan 2011 — Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. Error de signo de enteros en gwia.exe en GroupWise Agente de Internet (GWIA) en Novell GroupWise antes de v8.02HP permite a atacantes remotos ejecutar código arbitrario mediante un valor entero con signo en el encabezado Content-Type. • http://www.facebook.com/note.php?note_id=477865030928 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 2%CPEs: 32EXPL: 0CVE-2010-4714
https://notcve.org/view.php?id=CVE-2010-4714
31 Jan 2011 — Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. Múltiples desbordamientos de búfer en Novell GroupWise en versiones anteriores a v8.02HP, permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su el... • http://www.facebook.com/note.php?note_id=477865030928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 32EXPL: 1CVE-2010-4715 – Novell Groupwise 8.0 - Multiple Remote Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4715
31 Jan 2011 — Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information. Múltiples vulnerabilidades de salto de directorio en, cuando está habilitado register_globals, permite a atacantes remotos incluir y ejecutar ficheros locales de su elección ,utilizando vectores no especificados. NOTA: alg... • https://www.exploit-db.com/exploits/34980 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 1%CPEs: 32EXPL: 0CVE-2010-4716
https://notcve.org/view.php?id=CVE-2010-4716
31 Jan 2011 — Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente WebPublisher de Novell GroupWise en versiones anteriores a v8.02HP, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de parámetros no especificados. • http://www.facebook.com/note.php?note_id=477865030928 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 29%CPEs: 32EXPL: 2CVE-2010-4717 – Novell Groupwise Internet Agent - IMAP 'LIST LSUB' Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-4717
31 Jan 2011 — Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command. Múltiples desbordamientos de búfer basados en pila en el componente del servidor de IMAP en GroupWise Internet Agent (GWIA) en Novell GroupWise before v8.02HP permite a atacantes remotos ejecutar código de su elección a través de una (1)LIST larga o (2) un comando LSUB. • https://www.exploit-db.com/exploits/15464 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 19%CPEs: 32EXPL: 0CVE-2010-4325 – Novell Groupwise iCal COMMENT, RRULE, TZNAME Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4325
28 Jan 2011 — Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message. Desbordamiento de búfer en gwwww1.dll en GroupWise Internet Agent (GWIA) en Novell GroupWise anterior a v8.02HP2 permite a atacantes remotos ejecutar código arbitrario a través de una variable TZID manipulada en un mensaje VCALENDAR. This vulnerability allows remote attackers to execute arbitrary code on vuln... • http://osvdb.org/70676 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •