Vulnerabilities > Novell > Groupwise > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-08-29 | CVE-2014-0600 | Information Exposure vulnerability in Novell Groupwise 2014 FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287. | 7.8 |
2012-03-02 | CVE-2011-4189 | Code Injection vulnerability in Novell Groupwise 8.0/8.0.1/8.0.2 The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file. | 7.5 |
2009-05-26 | CVE-2009-1634 | Multiple Security vulnerability in Novell GroupWise WebAccess The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors. | 7.5 |
2005-08-03 | CVE-2005-2346 | Unspecified vulnerability in Novell Groupwise 6.5 Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. | 7.5 |
2002-10-04 | CVE-2002-1088 | Buffer Overflow vulnerability in Novell Groupwise 6.0/6.0.1 Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command. | 7.5 |
2001-12-15 | CVE-2001-1195 | Authentication vulnerability in Novell Groupwise Servlet Gateway Default Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | 7.5 |