The host is installed with Novell GroupWise Messenger 2.04 and earlier or Novell Messenger 2.1 or earlier or 2.2.x before 2.2.2 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an import command containing a long string in the filename parameter. Successful exploitation allows attackers to execute arbitrary code.