Novell

Groupwise

74 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2010-4714

  • EPSS 2.52%
  • Veröffentlicht 31.01.2011 20:00:47
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe ...

10

CVE-2010-4713

  • EPSS 13.55%
  • Veröffentlicht 31.01.2011 20:00:47
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.

10

CVE-2010-4712

  • EPSS 27.85%
  • Veröffentlicht 31.01.2011 20:00:11
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon)...

10

CVE-2010-4711

  • EPSS 8.44%
  • Veröffentlicht 31.01.2011 20:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.

4.3

CVE-2010-2778

  • EPSS 1.28%
  • Veröffentlicht 28.01.2011 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."

4.3

CVE-2010-2779

  • EPSS 1.28%
  • Veröffentlicht 28.01.2011 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."

9

CVE-2010-2777

  • EPSS 22.88%
  • Veröffentlicht 28.01.2011 22:00:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE c...

10

CVE-2010-4326

  • EPSS 28.49%
  • Veröffentlicht 28.01.2011 21:00:28
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNA...

10

CVE-2010-4325

  • EPSS 19.93%
  • Veröffentlicht 28.01.2011 21:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.

4.3

CVE-2009-4662

  • EPSS 0.88%
  • Veröffentlicht 03.03.2010 20:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter.