CVE-2010-4714

EPSS 2.52%
Veröffentlicht 31.01.2011 20:00:47
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Novell ≫ Groupwise Version <= 8.0.2

Novell ≫ Groupwise Version4.1

Novell ≫ Groupwise Version4.1a

Novell ≫ Groupwise Version5.0

Novell ≫ Groupwise Version5.1

Novell ≫ Groupwise Version5.2

Novell ≫ Groupwise Version5.5

Novell ≫ Groupwise Version5.5 Editionenhancement_pack

Novell ≫ Groupwise Version5.57e

Novell ≫ Groupwise Version6.0

Novell ≫ Groupwise Version6.0 Updatesp1

Novell ≫ Groupwise Version6.0 Updatesp5

Novell ≫ Groupwise Version6.0.1 Updatesp1

Novell ≫ Groupwise Version6.5

Novell ≫ Groupwise Version6.5 Updatesp1

Novell ≫ Groupwise Version6.5 Updatesp2

Novell ≫ Groupwise Version6.5 Updatesp3

Novell ≫ Groupwise Version6.5 Updatesp4

Novell ≫ Groupwise Version6.5 Updatesp5

Novell ≫ Groupwise Version6.5 Updatesp6

Novell ≫ Groupwise Version6.5.2

Novell ≫ Groupwise Version6.5.3

Novell ≫ Groupwise Version6.5.4

Novell ≫ Groupwise Version6.5.6

Novell ≫ Groupwise Version6.5.7

Novell ≫ Groupwise Version7.0

Novell ≫ Groupwise Version7.0.1

Novell ≫ Groupwise Version7.0.2

Novell ≫ Groupwise Version7.0.3

Novell ≫ Groupwise Version7.0.4

Novell ≫ Groupwise Version8.0

Novell ≫ Groupwise Version8.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.52%	0.84

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.facebook.com/note.php?note_id=477865030928

http://www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1

Vendor Advisory

http://zerodayinitiative.com/advisories/ZDI-10-247/

https://bugzilla.novell.com/show_bug.cgi?id=627942

https://nvd.nist.gov/vuln/detail/CVE-2010-4714

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-4714

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-4714

EUVD