Lucene search

[email protected]NVD:CVE-2013-1085

HistoryMar 29, 2013 - 4:09 p.m.

CVE-2013-1085

2013-03-2916:09:05

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.472 Medium

EPSS

Percentile

97.5%

JSON

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.

Affected configurations

NVD

Node

novellgroupwise_messengerRange≤2.0.4

novellgroupwise_messengerMatch1.0.6

novellgroupwise_messengerMatch2.0

novellgroupwise_messengerMatch2.0.2

Node

novellmessengerRange≤2.1

Node

novellmessengerRange≤2.2.1

novellmessengerMatch2.2.0

References

www.novell.com/support/kb/doc.php?id=7011935

www.zerodayinitiative.com/advisories/ZDI-13-036/

bugzilla.novell.com/show_bug.cgi?id=777352

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.472 Medium

EPSS

Percentile

97.5%

JSON

Related for NVD:CVE-2013-1085

cve1 nessus1 prion1 checkpoint_advisories1 cvelist1 zdi1