Lucene search

K

[email protected]NVD:CVE-2007-2171

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2171

2007-04-2420:19:00

[email protected]

web.nvd.nist.gov

6

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

Low

EPSS

0.946

Percentile

99.3%

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.

Affected configurations

Nvd

Node

novellgroupwiseMatch7.0

OR

novellgroupwiseMatch7.0sp1

VendorProductVersionCPE
novellgroupwise7.0cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*
novellgroupwise7.0cpe:2.3:a:novell:groupwise:7.0:sp1:*:*:*:*:*:*

References

download.novell.com/Download?buildid=8RF83go0nZg~

download.novell.com/Download?buildid=O9ucpbS1bK0~

secunia.com/advisories/24944

securityreason.com/securityalert/2610

www.securityfocus.com/archive/1/466212/100/0/threaded

www.securityfocus.com/bid/23556

www.securitytracker.com/id?1017932

www.vupen.com/english/advisories/2007/1455

www.zerodayinitiative.com/advisories/ZDI-07-015.html

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8

Confidence

Low

EPSS

0.946

Percentile

99.3%

Related for NVD:CVE-2007-2171

securityvulns2 saint4 cve1 checkpoint_advisories1 nessus1 canvas1 zdi1 prion1 cvelist1