2 matches found
SUSE CVE-2014-0611
Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Novell GroupWise Client ActiveX SetEngine Pointer Manipulation
Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...