CVE-2010-4714Improper Restriction of Operations within the Bounds of a Memory Buffer in Groupwise

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
3.1%
top 13.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Groupwise
Timeline
PublishedJan 31
Latest updateMay 17

Description

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/groupwise8.0.2+22

🔴Vulnerability Details

2
GHSA
GHSA-5r52-7jj3-2v73: Multiple stack-based buffer overflows in Novell GroupWise before 82022-05-17
CVEList
CVE-2010-4714: Multiple stack-based buffer overflows in Novell GroupWise before 82011-01-31
CVE-2010-4714 — Novell Groupwise vulnerability | cvebase