CVE-2012-0439
Novell GroupWise gwcls1.dll ActiveX Control Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the SetEngine method or (2) an XPItem pointer argument to an unspecified method.
Un control ActiveX en gwcls1.dll en el cliente de Novell GroupWise v8.0 antes de v8.0.3 HP2 y 2012 SP1 antes de HP1 permite a atacantes remotos ejecutar código arbitrario a través de (1) un argumento puntero al método SetEngine o (2) un argumento puntero a XPItem a un método no especificado.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaws exists within multiple methods exposed by gwcls1.dll. There are 20 methods which accept an XPItem pointer and perform operations on the potentially malicious pointer without validation. Additionally, the SetEngine() method accepts an unvalidated pointer and performs operations and method calls based upon it. An attacker can manipulate these behaviors to execute arbitrary code on the user's system in the context of the browser.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-01-09 CVE Reserved
- 2013-02-01 CVE Published
- 2013-02-12 First Exploit
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-13-008 | X_refsource_misc |
|
| https://bugzilla.novell.com/show_bug.cgi?id=712144 | X_refsource_confirm | |
| https://bugzilla.novell.com/show_bug.cgi?id=743674 | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/24490 | 2013-02-12 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.novell.com/support/kb/doc.php?id=7011688 | 2013-02-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.0 Search vendor "Novell" for product "Groupwise" and version "8.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.00 Search vendor "Novell" for product "Groupwise" and version "8.00" | hp1 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.00 Search vendor "Novell" for product "Groupwise" and version "8.00" | hp2 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.00 Search vendor "Novell" for product "Groupwise" and version "8.00" | hp3 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.01 Search vendor "Novell" for product "Groupwise" and version "8.01" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.01 Search vendor "Novell" for product "Groupwise" and version "8.01" | hp |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.02 Search vendor "Novell" for product "Groupwise" and version "8.02" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.02 Search vendor "Novell" for product "Groupwise" and version "8.02" | hp1 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.02 Search vendor "Novell" for product "Groupwise" and version "8.02" | hp2 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.02 Search vendor "Novell" for product "Groupwise" and version "8.02" | hp3 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.03 Search vendor "Novell" for product "Groupwise" and version "8.03" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 8.03 Search vendor "Novell" for product "Groupwise" and version "8.03" | hp1 |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 2012 Search vendor "Novell" for product "Groupwise" and version "2012" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Groupwise Search vendor "Novell" for product "Groupwise" | 2012 Search vendor "Novell" for product "Groupwise" and version "2012" | sp1 |
Affected
| ||||||