NotCVE - vendor:"Novell" product:"Groupwise" version:"7.0.3"

Page 4 of 34 results (0.002 seconds)

CVSS: 10.0EPSS: 17%CPEs: 7EXPL: 2

CVE-2009-0410 – Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2009-0410

02 Feb 2009 — Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow. Error Off-by-one en el demonio SMTP en GroupWise Internet Agent (GWIA) en Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, y 8.0 que permite a los atacantes remotos ejecutar arbitrariamente código a través de una dirección larga de ... • https://packetstorm.news/files/id/74653 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2009-0272 – ProCheckUp Security Advisory 2008.21

https://notcve.org/view.php?id=CVE-2009-0272

30 Jan 2009 — Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors. Una vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en Novell GroupWise WebAccess 6.5X, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, y 8.0 permite a atacantes remotos insertar reglas de correo y modificar otros ajustes de c... • http://secunia.com/advisories/33744 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2009-0273 – ProCheckUp Security Advisory 2008.22

https://notcve.org/view.php?id=CVE-2009-0273

30 Jan 2009 — Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en WebAccess de GroupWise de Novell v6.5x, v7.0, v7.01, v7.02x, v7.03, v7.03HP1a y v8.0. Permite a at... • http://secunia.com/advisories/33744 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 1%CPEs: 6EXPL: 0

CVE-2008-3501

https://notcve.org/view.php?id=CVE-2008-3501

06 Aug 2008 — Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la interfaz simple WebAccess de Novell Groupwise 7.0.x permite a atacantes remotos inyectar web script o HTML de su elección a través de vectores no especificados. • http://secunia.com/advisories/30839 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4