Novell GroupWise is an e-mail and collaboration product suite.
A buffer overflow vulnerability in the GroupWise client allows command execution when a user replies to or forwards a message containing an IMG tag with a specially crafted SRC attribute.
Apply GroupWise 6.5.6 Update 2.
Exploit works on Novell GroupWise Client 6.5.6 and requires a user to reply to or forward the exploit e-mail.
The HTML Preview option must be enabled in Novell GroupWise Client in order for this exploit to succeed.