CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.1%
Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
novell | groupwise | 6.5 | cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:* |
novell | groupwise | 7.0 | cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:* |
novell | groupwise | 7.01 | cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:* |
novell | groupwise | 7.02x | cpe:2.3:a:novell:groupwise:7.02x:*:*:*:*:*:*:* |
novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:* |
novell | groupwise | 7.03 | cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:* |
novell | groupwise | 8.0 | cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:* |