Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2662

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-2662
Last Modified 14 May 2012 12:00:00
Published 07 Oct 2011 10:52:52
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2662

Summary

Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.

Vulnerable Systems

Application

  • Novell Groupwise 8.0


References

IDEFENSE - 20110926 Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=707527

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=7009215


Last Updated: 27 May 2016 10:57:04