
Vulnerabilities in Novell GroupWise
Vulnerability: Multiple vulnerabilities in Novell GroupWise
Danger level: High
Patch: Yes
Number of vulnerabilities: 2
CVE ID: CVE-2012-0439
CVE-2013-0804
Vector of operation: Remote
Impact: System Compromise
Affected Products: Novell GroupWise Client 2012, Novell GroupWise Client 8.x, Novell GroupWise Server 8.x
Affected versions: Novell GroupWise 2012, Novell GroupWise Client 2012, Novell GroupWise Client 8.x, Novell GroupWise Server 8.x
Description:
Which can be exploited by malicious people to execute arbitrary code on the target system.
1. An unspecified error. Can be exploited to dereference an untrusted pointer and execute arbitrary code on the target system.
2. An unspecified error in the element ActiveX. A remote user can execute arbitrary code on the target system.
Manufacturer URL: http://www.novell.com/
Solution: To resolve the vulnerability install the product, version 8.0.3 Hot Patch 2 or 2012 SP1 Hot Patch 1 from the manufacturer.
Links:
http://www.novell.com/support/kb/doc.php?id=7011687
http://www.novell.com/support/kb/doc.php?id=7011688