CVE-2011-3179

CWE-200 — Information Exposure3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.9%

top 23.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise Messenger Novell Messenger

Timeline

PublishedDec 8

Latest updateMay 17

Description

The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDnovell/groupwise_messenger2.0.4+5

▶NVDnovell/messenger2.1, 2.2.0+1

🔴Vulnerability Details

GHSA

GHSA-cgqx-hv7c-9fq5: The server process in Novell Messenger 2↗2022-05-17

▶

CVEList

CVE-2011-3179: The server process in Novell Messenger 2↗2011-12-08

▶