10
CVE-2010-4325
- EPSS 9.55%
- Veröffentlicht 28.01.2011 21:00:01
- Zuletzt bearbeitet 16.06.2026 23:24:33
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.55% | 0.948 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://osvdb.org/70676
http://secunia.com/advisories/43089
http://www.novell.com/support/viewContent.do?externalId=7007638&sliceId=1
http://www.novell.com/support/viewContent.do?externalId=7009212
http://www.securityfocus.com/archive/1/516002/100/0/threaded
http://www.securityfocus.com/bid/46025
http://www.vupen.com/english/advisories/2011/0220
http://www.zerodayinitiative.com/advisories/ZDI-11-027/
https://bugzilla.novell.com/show_bug.cgi?id=657818
https://bugzilla.novell.com/show_bug.cgi?id=685304
https://exchange.xforce.ibmcloud.com/vulnerabilities/64928
https://labs.idefense.com/verisign/intelligence/2009/vulnerabilities/display.php?id=944