CVE-2013-1085

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.3CRITICAL

EPSS

20.6%

top 4.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise Messenger Novell Messenger

Timeline

PublishedMar 29

Latest updateMay 17

Description

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDnovell/groupwise_messenger2.0.4+3

▶NVDnovell/messenger2.1+2

🔴Vulnerability Details

GHSA

GHSA-7382-3hq7-7jjw: Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2↗2022-05-17

▶

CVEList

CVE-2013-1085: Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2↗2013-03-29

▶