CVE-2009-1636

EUVD-2009-1631
Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
novellgroupwise
7.0
novellgroupwise
7.0:sp1
novellgroupwise
7.0:sp2
novellgroupwise
7.0:sp3
novellgroupwise
7.0.0:sp1
novellgroupwise
7.0.0:sp2
novellgroupwise
7.0.2
novellgroupwise
7.0.3
novellgroupwise
7.01
novellgroupwise
7.03:hp1a
novellgroupwise
7.03:hp2
novellgroupwise
8.0:hp1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/54644
http://osvdb.org/54645
http://secunia.com/advisories/35177
http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1
http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1
http://www.securityfocus.com/archive/1/503724/100/0/threaded
http://www.securityfocus.com/bid/35064
http://www.securityfocus.com/bid/35065
http://www.securitytracker.com/id?1022276
http://www.vupen.com/english/advisories/2009/1393
http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php
http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php
https://bugzilla.novell.com/show_bug.cgi?id=478892
https://bugzilla.novell.com/show_bug.cgi?id=482914
https://exchange.xforce.ibmcloud.com/vulnerabilities/50692
https://exchange.xforce.ibmcloud.com/vulnerabilities/50693
http://osvdb.org/54644
http://osvdb.org/54645
http://secunia.com/advisories/35177
http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1
http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1
http://www.securityfocus.com/archive/1/503724/100/0/threaded
http://www.securityfocus.com/bid/35064
http://www.securityfocus.com/bid/35065
http://www.securitytracker.com/id?1022276
http://www.vupen.com/english/advisories/2009/1393
http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php
http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php
https://bugzilla.novell.com/show_bug.cgi?id=478892
https://bugzilla.novell.com/show_bug.cgi?id=482914
https://exchange.xforce.ibmcloud.com/vulnerabilities/50692
https://exchange.xforce.ibmcloud.com/vulnerabilities/50693