Vulnerabilities > Novell > Groupwise > 6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-01-31 | CVE-2010-4713 | Numeric Errors vulnerability in Novell Groupwise Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | 10.0 |
2011-01-31 | CVE-2010-4712 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | 10.0 |
2011-01-31 | CVE-2010-4711 | Resource Management Errors vulnerability in Novell Groupwise Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | 10.0 |
2011-01-28 | CVE-2010-4326 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message. | 10.0 |
2011-01-28 | CVE-2010-4325 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message. | 10.0 |
2007-12-18 | CVE-2007-6435 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTML preview of e-mail is enabled, allows user-assisted remote attackers to execute arbitrary code via a long SRC attribute in an IMG element when forwarding or replying to a crafted e-mail. | 9.3 |
2007-07-05 | CVE-2007-3571 | Information Disclosure vulnerability in Groupwise The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. network novell | 4.3 |
2006-06-29 | CVE-2006-3268 | Unspecified vulnerability in Novell Groupwise Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office. | 5.0 |
2005-08-17 | CVE-2005-2620 | Unspecified vulnerability in Novell Groupwise 6.0/6.5/6.5.2 grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory. | 5.0 |
2004-12-31 | CVE-2004-2336 | Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. | 5.0 |