Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4711Double Free in Groupwise

CWE-3994 documents4 sources
Severity
10.0CRITICALNVD
EPSS
3.0%
top 13.51%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Groupwise
Timeline
PublishedJan 31
Latest updateMay 17

Description

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/groupwise8.0.2+22

🔴Vulnerability Details

2
GHSA
GHSA-8q39-w8qp-j6g5: Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 82022-05-17
CVEList
CVE-2010-4711: Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 82011-01-31

💥Exploits & PoCs

1
Exploit-DB
Novell Groupwise Internet Agent - IMAP 'LIST' Remote Code Execution2010-11-09
CVE-2010-4711 — Double Free in Novell Groupwise | cvebase