Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2704

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2704
Last Modified 07 Mar 2011 12:00:00
Published 13 Jun 2008 03:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2704

Summary

Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries.

Vulnerable Systems

Application

  • Novell Groupwise Messenger 1.0.6

  • Novell Groupwise Messenger 2.0

  • Novell Groupwise Messenger 2.0.2

  • Novell Groupwise Messenger 2.0.3


References

SECUNIA - 30576

XF - groupwise-messenger-client-dos(42918)

VUPEN - ADV-2008-1764

SECTRACK - 1020209

BID - 29602

BUGTRAQ - 20080704 Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html


Last Updated: 27 May 2016 10:47:57