CVE-2009-0410
Published Feb 3, 2009
Last updated 6 years ago
Overview
- Description
- Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86DB474F-D101-4210-9DC1-7230E9CAE80D"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.02x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D861C5BE-825C-4EED-994A-9DE38AB6EA2A"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D75C8A8-8162-4160-9295-2DA4D710AD58"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84293DF8-D11D-4CB4-99EC-EB60AF027B8C"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C52E2ABC-20AE-437A-83B0-2E0753787FB5"
}
],
"operator": "OR"
}
]
}
]