PRIOn knowledge basePRION:CVE-2009-1636Buffer overflow
8.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.509 Medium
EPSS
Percentile
97.5%
Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.
References
osvdb.org/54644
osvdb.org/54645
secunia.com/advisories/35177
www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1
www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1
www.securityfocus.com/archive/1/503724/100/0/threaded
www.securityfocus.com/bid/35064
www.securityfocus.com/bid/35065
www.securitytracker.com/id?1022276
www.vupen.com/english/advisories/2009/1393
www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php
www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php
bugzilla.novell.com/show_bug.cgi?id=478892
bugzilla.novell.com/show_bug.cgi?id=482914
exchange.xforce.ibmcloud.com/vulnerabilities/50692
exchange.xforce.ibmcloud.com/vulnerabilities/50693
Related
8.2 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.509 Medium
EPSS
Percentile
97.5%