CVE-2011-2662Groupwise vulnerability

CWE-1893 documents3 sources
Severity
10.0CRITICALNVD
EPSS
13.5%
top 5.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Groupwise
Timeline
PublishedOct 8
Latest updateMay 17

Description

Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6p6c-pgvv-x7q4: Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 82022-05-17
CVEList
CVE-2011-2662: Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 82011-10-08
CVE-2011-2662 — Novell Groupwise vulnerability | cvebase