10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.906 High
EPSS
Percentile
98.5%
Added: 07/07/2008
CVE: CVE-2008-2703
BID: 29602
OSVDB: 46041
GroupWise Messenger is an instant messaging client for Novell GroupWise.
Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially crafted HTTP responses.
Upgrade to GroupWise Messenger 2.0.3 Hot Patch 1.
<http://secunia.com/advisories/30576>
Exploit works on Novell GroupWise Messenger 2.0.0 and requires a user to log into the exploit server from Novell GroupWise Messenger.
Windows