10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.6%
The version of Novell GroupWise Internet Agent hosted on the remote host is affected by a buffer overflow vulnerability due to the way the application handles the Content-Length HTTP header when it contains the value -1. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
Note that this version of GroupWise Internet Agent likely has other vulnerabilities (i.e., CVE-2012-0419), but Nessus has not checked for those issues.
Binary data groupwise_ia_cve-2012-0271.nbin