CVE-2010-4712Improper Restriction of Operations within the Bounds of a Memory Buffer in Groupwise

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
23.1%
top 4.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Groupwise
Timeline
PublishedJan 31
Latest updateMay 17

Description

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/groupwise8.0.2+22

🔴Vulnerability Details

2
GHSA
GHSA-66vr-4f54-3w4r: Multiple stack-based buffer overflows in gwia2022-05-17
CVEList
CVE-2010-4712: Multiple stack-based buffer overflows in gwia2011-01-31
CVE-2010-4712 — Novell Groupwise vulnerability | cvebase