10

CVE-2007-2171

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NovellGroupwise Version7.0
NovellGroupwise Version7.0 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 24.33% 0.976
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://download.novell.com/Download?buildid=8RF83go0nZg~
Patch
http://download.novell.com/Download?buildid=O9ucpbS1bK0~
Patch
http://secunia.com/advisories/24944
Vendor Advisory
http://securityreason.com/securityalert/2610
http://www.securityfocus.com/archive/1/466212/100/0/threaded
http://www.securityfocus.com/bid/23556
http://www.securitytracker.com/id?1017932
http://www.vupen.com/english/advisories/2007/1455
http://www.zerodayinitiative.com/advisories/ZDI-07-015.html