Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:novell:groupwise_messenger:2.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-1085 |
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter. Published: March 29, 2013; 12:09:05 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-3179 |
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command. Published: December 08, 2011; 6:55:01 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-2703 |
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name. Published: June 13, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2008-2704 |
Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. Published: June 13, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-0992 |
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier. Published: April 14, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |