SUSE CVE-2010-4713

Integer signedness error in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header...

CVE-2011-0334

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

Novell Groupwise GWIA ber_get_stringa Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The flaw exists within the Groupwise Internet Agent component, specifically the optional LDAP server which listens on...

CVE-2012-0417

This CVE (CVE-2012-0417) concerns Novell GroupWise GroupWise Internet Agent (GWIA). The ZDI-12-196 advisory details a remote code execution vulnerability in the GWIA’s LDAP server (BER-encoded parameter handling on port 389). Specifically, parsing a BER chunk can cause an integer size wrap during...

CVE-2011-3827

CVE-2011-3827 affects Novell GroupWise Internet Agent (GWIA) 8.0 prior to Support Pack 3. The iCalendar parsing in gwwww1.dll (NgwiCalTimeProperty::date) may read beyond the string when parsing a date-time, causing an out-of-bounds read and GWIA daemon crash (DoS) via a crafted .ics attachment. R...

CVE-2012-0271

The CVE affects Novell GroupWise Internet Agent (GWIA) using WebConsole gwia.exe, where GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 are vulnerable to a remote heap-based buffer overflow triggered by a crafted HTTP Content-Length header (-1). The root cause is an integer overflow in the Web...

Preemptive Protection against Novell GroupWise Internet Agent RRULE Time Conversion Invalid Array Indexing (CVE-2011-2663)

A remote code injection and execution vulnerability has been reported in Novell GroupWise Internet Agent GWIA...

CVE-2011-0334

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

CVE-2011-2662

Integer signedness error in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message...

CVE-2011-2663

Array index error in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message...

Stack overflow

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

Integer overflow

Integer signedness error in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message...

CVE-2011-2663

CVE-2011-2663 affects Novell GroupWise Internet Agent (GWIA) in GroupWise 8.0 before HP3. A vulnerability in the calendar processing code occurs when parsing a malformed yearly RRULE in a VCALENDAR attachment, causing an array indexing/memory corruption that could allow remote code execution. Pub...

CVE-2011-2662

CVE-2011-2662 is a memory corruption/remote code‑execution vulnerability in Novell GroupWise Internet Agent (GWIA) 8.0 prior to HP3. The issue arises when parsing a VCALENDAR RRULE with a negative BYWEEKNO value, triggering a write beyond a heap buffer. This is described across multiple sources (...

CVE-2011-2662

Integer signedness error in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message...

CVE-2011-2218

CVE-2011-2218 concerns Novell GroupWise 8.0 clients using the GWIA component. The vulnerability allows remote attackers to cause a denial of service (daemon crash) on affected systems running GroupWise 8.0 before HP3 via unknown vectors. The description does not specify concrete exploit details o...

CVE-2011-2218

Unspecified vulnerability in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service daemon crash via unknown vectors, a different vulnerability than CVE-2011-2219...

CVE-2011-2219

Technical details for CVE-2011-2219 are not provided in the connected documents; the available sources describe a DoS vulnerability in GWIA with unknown vectors. Monitor for updates.

CVE-2010-4712

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing 1 multiple items separated by ; semicolon characters or 2 crafted string data...

CVE-2010-4711

CVE-2010-4711 is a double-free vulnerability in the IMAP server component of GroupWise Internet Agent (GWIA). Affected product/version: GroupWise GWIA before 8.02HP. Condition: remote attacker can execute arbitrary code by sending a large parameter in an IMAP LIST command. Exploitation details ar...