Lucene search
SAINT CorporationSAINT:D46AA13D4E61F89C4307FB2CDE92B692HistoryJan 15, 2008 - 12:00 a.m.
Novell GroupWise Client IMG SRC buffer overflow
2008-01-1500:00:00
SAINT Corporation
www.saintcorporation.com
90
0.37 Low
EPSS
Percentile
97.2%
Added: 01/15/2008
CVE: CVE-2007-6435
BID: 26875
OSVDB: 40870
Background
Novell GroupWise is an e-mail and collaboration product suite.
Problem
A buffer overflow vulnerability in the GroupWise client allows command execution when a user replies to or forwards a message containing an IMG tag with a specially crafted SRC attribute.
Resolution
Apply GroupWise 6.5.6 Update 2.
References
<http://www.securityfocus.com/archive/1/485100>
Limitations
Exploit works on Novell GroupWise Client 6.5.6 and requires a user to reply to or forward the exploit e-mail.
The HTML Preview option must be enabled in Novell GroupWise Client in order for this exploit to succeed.
Platforms
Windows 2000
Windows XP
Related
checkpoint_advisories
checkpoint_advisories
saint
saint
Novell GroupWise Client IMG SRC buffer overflow
2008-01-15 00:00:00
Novell GroupWise Client IMG SRC buffer overflow
2008-01-15 00:00:00
Novell GroupWise Client IMG SRC buffer overflow
2008-01-15 00:00:00
cvelist
cvelist
CVE-2007-6435
2007-12-18 20:00:00
prion
prion
Stack overflow
2007-12-18 20:46:00
cve
cve
CVE-2007-6435
2007-12-18 20:46:00
nvd
nvd
CVE-2007-6435
2007-12-18 20:46:00