CVSS: 9.3EPSS: 37%CPEs: 1EXPL: 2CVE-2007-6435
https://notcve.org/view.php?id=CVE-2007-6435
Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTML preview of e-mail is enabled, allows user-assisted remote attackers to execute arbitrary code via a long SRC attribute in an IMG element when forwarding or replying to a crafted e-mail. Desbordamiento de búfer basado en pila en Novell GroupWise anterior a 6.5.7, cuando la vista previa HTML del correo está activada, permite a un atacante remoto con la intervención de un usuario ejecutar código de su elección a través de un atributo SRC largo en una elemento IMG cuando responde o reenvía en un correo manipulado. • http://osvdb.org/40870 http://secunia.com/advisories/28102 http://securityreason.com/securityalert/3459 http://www.infobyte.com.ar/adv/ISR-16.html http://www.securityfocus.com/archive/1/485100/100/0/threaded http://www.securityfocus.com/bid/26875 http://www.securitytracker.com/id?1019101 http://www.vupen.com/english/advisories/2007/4273 https://exchange.xforce.ibmcloud.com/vulnerabilities/39032 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 31%CPEs: 6EXPL: 0CVE-2007-6302 – Novell NetMail AntiVirus Agent Multiple Heap Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6302
Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162." Múltiples desbordamientos de búfer en la región heap de la memoria en el archivo avirus.exe en Novell NetMail versiones 3.5.2 anteriores a Messaging Architects M+NetMail versión 3.52f (también se conoce como 3.5.2F), permite a los atacantes remotos ejecutar código arbitrario por medio de enteros ASCII no especificados usados como argumentos de asignación de memoria, también se conoce como "ZDI-CAN-162". These vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Novell NetMail. User interaction is not required to exploit this vulnerability. The specific flaws exist in the AntiVirus agent which listens on a random high TCP port. The avirus.exe service protocol reads a user-supplied ASCII integer value as an argument to a memory allocation routine. • http://secunia.com/advisories/27974 http://www.messagingarchitects.com/en/support/mplusnetmail/docs/readme.pdf http://www.securityfocus.com/archive/1/484843/100/0/threaded http://www.securityfocus.com/bid/26753 http://www.securitytracker.com/id?1019063 http://www.vupen.com/english/advisories/2007/4112 http://www.zerodayinitiative.com/advisories/ZDI-07-072.html https://exchange.xforce.ibmcloud.com/vulnerabilities/38909 https://secure-support.novell.com/KanisaPlatform/Publishing/990/3639135_f.SA • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 26EXPL: 0CVE-2007-5667
https://notcve.org/view.php?id=CVE-2007-5667
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations. NWFILTER.SYS en Novell Client 4.91 SP 1 hasta el SP 4 para Windows 2000, XP, y Server 2003 toma el dispositivo disponible \.\nwfilter para entradas METHOD_NEITHER IOCTLs en modo usuario de su elección, lo cual permite a usuarios locales ganar privilegios pasando la dirección del núcleo como un argumento y sobrescribiendo localizaciones de la memoria del núcleo. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626 http://osvdb.org/40867 http://secunia.com/advisories/27678 http://www.securityfocus.com/bid/26420 http://www.securitytracker.com/id?1018943 http://www.vupen.com/english/advisories/2007/3846 https://exchange.xforce.ibmcloud.com/vulnerabilities/38434 https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 43%CPEs: 1EXPL: 0CVE-2007-5767 – Novell Client Trust Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-5767
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character. Desbordamiento de búfer basado en montículo en la Aplicación Client Trust (clntrust.exe) en el BorderManager 3.8 anterior a la actualización 1.5, permite a atacantes remotos ejecutar código de su elección a través de una petición de validación en la que el nombre de árbol Novell no está apropiadamente delimitado con el caracter-extendido de la contrabarra o un caracter NULL. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell software which utilize the Novell Client Trust. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Novell Client Trust application, clntrust.exe, which listens by default on UDP port 3024 on Novell client machines. During a validation request, the Client Trust process copies a user-supplied Novell tree name until a wide-character backslash or a NULL is encountered. • http://download.novell.com/Download?buildid=AuOWp2Xsvmc~ http://secunia.com/advisories/27468 http://securitytracker.com/id?1018882 http://www.securityfocus.com/bid/26285 http://www.vupen.com/english/advisories/2007/3682 http://www.zerodayinitiative.com/advisories/ZDI-07-064.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5702
https://notcve.org/view.php?id=CVE-2007-5702
Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en swamp/action/LoginActions (también conocido como el cuadro de autenticación) en Novell OpenSUSE SWAMP Workflow Administration y Management Platform 1.x permite a atacantes remotos inyectar scripts web o HTML de su elección a través del parámetro username. NOTA: algunos de estos detalles se han obtenido de información de terceros. • http://secunia.com/advisories/27390 http://swamp.svn.sourceforge.net/viewvc/swamp/trunk/swamp/webapps/webswamp/src/java/de/suse/swamp/modules/actions/LoginActions.java?r1=666&r2=700 http://www.osvdb.org/38203 http://www.securityfocus.com/archive/1/482733/100/0/threaded http://www.securityfocus.com/bid/26198 https://exchange.xforce.ibmcloud.com/vulnerabilities/37399 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •