SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2010-4326

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

BID-45994

ADV-2011-0219

groupwise-requeststatus-bo(64929)

http://www.facebook.com/note.php?note_id=477865030928

http://www.novell.com/support/viewContent.do?externalId=7007155&sliceId=1

http://www.zerodayinitiative.com/advisories/ZDI-11-025/

http://zerodayinitiative.com/advisories/ZDI-10-239/

http://zerodayinitiative.com/advisories/ZDI-10-240/

http://zerodayinitiative.com/advisories/ZDI-10-243/

https://bugzilla.novell.com/show_bug.cgi?id=642339

https://bugzilla.novell.com/show_bug.cgi?id=642340

https://bugzilla.novell.com/show_bug.cgi?id=642345

https://bugzilla.novell.com/show_bug.cgi?id=642349


30479



423868



248392



909



195452



282