Multiple vulnerabilities in Novell GroupWise

Posted: February 1, 2013 in Vulnerabilities
Tags: , ,

Vulnerability

Vulnerabilities in Novell GroupWise

Vulnerability: Multiple vulnerabilities in Novell GroupWise

Danger level: High
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-0439
CVE-2013-0804

Vector of operation: Remote
Impact: System Compromise

Affected Products: Novell GroupWise Client 2012, Novell GroupWise Client 8.x, Novell GroupWise Server 8.x

Affected versions: Novell GroupWise 2012, Novell GroupWise Client 2012, Novell GroupWise Client 8.x, Novell GroupWise Server 8.x

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

1. An unspecified error. Can be exploited to dereference an untrusted pointer and execute arbitrary code on the target system.

2. An unspecified error in the element ActiveX. A remote user can execute arbitrary code on the target system.

Manufacturer URL: http://www.novell.com/

Solution: To resolve the vulnerability install the product, version 8.0.3 Hot Patch 2 or 2012 SP1 Hot Patch 1 from the manufacturer.

Links:

http://www.novell.com/support/kb/doc.php?id=7011687
http://www.novell.com/support/kb/doc.php?id=7011688

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s