Novell GroupWise Client for Windows ActiveX Code Execution (CVE-2012-0439)

A remote code execution vulnerability exists in the ActiveX control for Novell GroupWise Client for Windows...

DSquare Exploit Pack: D2SEC_GWCLS

Name| d2secgwcls ---|--- CVE| CVE-2012-0439 Exploit Pack| D2ExploitPack Description| Novell GroupWise gwcls1.dll ActiveX Remote Code Execution Vulnerability Notes|...

CVE-2012-0439

CVE-2012-0439 is an ActiveX remote-code-execution vulnerability in the Novell GroupWise Client gwcls1.dll. The issue affects GroupWise 8.x before 8.0.3 HP2 and 2012 before SP1 HP1, where an attacker can trigger arbitrary code execution via a pointer argument to the SetEngine method or an XPItem p...

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...

CVE-2012-0439

creationtimestamp| type| source ---|---|--- 2013-02-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24490 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novellgroupwisegwcls1actvx.rb 2025-02-06...

Novell Groupwise Client - 'gwcls1.dll' ActiveX Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution

This module exploits a vulnerability in the Novell GroupWise Client gwcls1.dll ActiveX. Several methods in the GWCalServer control use user provided data as a pointer, which allows to read arbitrary memory and execute arbitrary code. This module has been tested successfully with GroupWise Client...

Novell GroupWise Client 8.x < 8.0.3 Hot Patch 2 / 2012.x < 2012 SP1 Hot Patch 1 Multiple Vulnerabilities

The version of Novell GroupWise Client installed on the remote Windows host is 8.x prior to 8.0.3 Hot Patch 2 8.0.3.26516 or 2012.x prior to 2012 SP1 Hot Patch 1 12.0.1.16521. It is, therefore, reportedly affected by the following vulnerabilities : - An unspecified error exists related to an...