cbcvebase.
CVE-2013-0804
published 2013-02-24

CVE-2013-0804: The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service…

PriorityP356critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
12.30%
95.7th percentile
The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.

Affected

6 ranges
VendorProductVersion rangeFixed in
novellgroupwise
novellgroupwise
novellgroupwise
novellgroupwise
novellgroupwise
novellgroupwise

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://www.exploit-db.com/exploits/38250
commandInvokeContact
bytes
%u9090%u7ceb
  • Exploit targets the InvokeContact ActiveX/COM method in the Novell GroupWise client; monitor for invocation of this method from browser or scripting contexts.
  • Exploit uses heap-spray technique with NOP sled pattern (%u9090) and short jump (%u7ceb) via unescape(); detect unescape-based heap spray in scripts interacting with GroupWise ActiveX objects.
  • Exploit allocates heap blocks targeting base address 0x150000; memory forensics or crash analysis showing controlled allocations near this address may indicate exploitation.
  • Exploit uses CollectGarbage() calls to manipulate heap layout (free and reallocate); scripting engine calls to CollectGarbage in conjunction with GroupWise COM object usage are suspicious.
  • ·Affected versions are Novell GroupWise 8.0 before 8.0.3 HP2 and GroupWise 2012 before SP1 HP1; exploitation only applies to unpatched clients in these version ranges.
  • ·The vulnerability involves an incorrect pointer dereference via unspecified vectors; the exact attack surface beyond the InvokeContact method is not fully disclosed in public sources.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.