CVSS: 5.0EPSS: 4%CPEs: 4EXPL: 1CVE-2008-2704
https://notcve.org/view.php?id=CVE-2008-2704
Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. GroupWise Messenger (GWIM) de Novell anterior a versión 2.0.3 Hot Parche 1, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de un ID de usuario largo, que posiblemente implica una alerta emergente. NOTA: no está claro si este problema cruza los límites del privilegio. • http://secunia.com/advisories/30576 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html http://www.securityfocus.com/archive/1/493964/100/0/threaded http://www.securityfocus.com/bid/29602 http://www.securitytracker.com/id?1020209 http://www.vupen.com/english/advisories/2008/1764/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42918 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 88%CPEs: 3EXPL: 2CVE-2008-2703 – Novell Groupwise Messenger 2.0 Client - Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2703
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name. Múltiples desbordamientos de búfer en la región stack de la memoria en GroupWise Messenger (GWIM) Client de Novell anterior a versión 2.0.3 HP1 para Windows, permiten a los atacantes remotos ejecutar código arbitrario por medio de "spoofed server responses" que contienen una cadena larga después del nombre del campo NM_A_SZ_TRANSACTION_ID. • https://www.exploit-db.com/exploits/31889 https://www.exploit-db.com/exploits/16814 http://secunia.com/advisories/30576 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html http://www.securityfocus.com/archive/1/493964/100/0/threaded http://www.securityfocus.com/bid/29602 http://www.securitytracker.com/id?1020209 http://www.vupen.com/english/advisories/2008/1764/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42917 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2008-2145
https://notcve.org/view.php?id=CVE-2008-2145
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog. Desbordamiento de búfer basado en pila en Novell Client 4.91 SP4 y anteriores permite a usuarios locales provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un nombre de usuario (username) largo en el diálogo "forgotten password (contraseña olvidada)". • http://secunia.com/advisories/30126 http://securityreason.com/securityalert/3868 http://www.securityfocus.com/archive/1/491814/100/0/threaded http://www.securityfocus.com/bid/29109 http://www.securitytracker.com/id?1020020 http://www.vupen.com/english/advisories/2008/1503 https://exchange.xforce.ibmcloud.com/vulnerabilities/42359 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-2112
https://notcve.org/view.php?id=CVE-2008-2112
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. Vulnerabilidad sin especificar en Sun Ray Kiosk Mode 4.0, permite a administradores autenticados locales y remotos de Sun Ray, obtener privilegios a través de vectores desconocidos relacionados con utconfig. • http://secunia.com/advisories/30130 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236944-1 http://www.securityfocus.com/bid/29092 http://www.securitytracker.com/id?1019993 http://www.vupen.com/english/advisories/2008/1454/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42262 •
CVSS: 9.3EPSS: 11%CPEs: 4EXPL: 1CVE-2008-2069 – Groupwise 7.0 - 'mailto: scheme' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-2069
Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI. Desbordamiento de búfer en Novell GroupWise 7 permite a atacantes remotos provocar una denegación de servicio o la ejecución de código de su elección a través de un un argumento largo en una URI: mailto. • https://www.exploit-db.com/exploits/5515 http://securityreason.com/securityalert/3847 http://www.securityfocus.com/archive/1/491376/100/0/threaded http://www.securityfocus.com/archive/1/491576/100/0/threaded http://www.securityfocus.com/archive/1/491594/100/0/threaded http://www.securityfocus.com/bid/28969 http://www.securitytracker.com/id?1019942 http://www.vupen.com/english/advisories/2008/1393/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42052 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •