Memory Disclosure Vulnerability in Novell Messenger and Groupwise MessengerID: oval:org.secpod.oval:def:3564 | Date: (C)2011-12-30 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Novell messenger 2.1 or 2.2.x before 2.2, Groupwise Messenger 2.0.4 or earlier and is prone to memory disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted command that would force the Messenger server process to return the contents of arbitrary memory locations, Successful exploitation allows remote attackers to read from arbitrary memory locations.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Novell GroupWise Messenger |
Novell Messenger |