924 matches found
CVE-2013-1087
Cross-site scripting XSS vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML via the body of an e-mail message...
CVE-2010-4713
Integer signedness error in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header...
CVE-2010-4716
Cross-site scripting XSS vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1085
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...
CVE-2010-2779
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."...
CVE-2010-2778
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."...
CVE-2011-2661
Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the 1 Directory.Item.name or 2 Directory.Item.displayName parameter...
CVE-2011-2219
Unspecified vulnerability in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service daemon crash via unknown vectors, a different vulnerability than CVE-2011-2218...
CVE-2011-2218
Unspecified vulnerability in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service daemon crash via unknown vectors, a different vulnerability than CVE-2011-2219...
CVE-2012-0439
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via 1 a pointer argument to the SetEngine method or 2 an XPItem pointer argument to an unspecified method...
CVE-2010-4715
Multiple directory traversal vulnerabilities in the 1 WebAccess Agent and 2 Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information...
CVE-2010-4711
Double free vulnerability in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command...
CVE-2010-2777
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...
CVE-2009-0274
Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests...
SUSE CVE-2014-0611
Multiple cross-site scripting XSS vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
SUSE CVE-2010-2777
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent GWIA in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command...
SUSE CVE-2010-2778
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."...
SUSE CVE-2010-2779
Cross-site scripting XSS vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."...
SUSE CVE-2010-4715
Multiple directory traversal vulnerabilities in the 1 WebAccess Agent and 2 Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information...
SUSE CVE-2010-4716
Cross-site scripting XSS vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...