CVE-2012-0271

Published Sep 19, 2012

Last updated 3 months ago

CVSS info 10.0

Overview

Description: Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
Source: PSIRT-CNA@flexerasoftware.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Evaluator

Comment: -
Impact: Per: http://www.novell.com/support/kb/doc.php?id=7010769 "Previous versions of GroupWise are likely also vulnerable but are no longer supported."
Solution: Per: http://www.novell.com/support/kb/doc.php?id=7010769 "Previous versions of GroupWise are likely also vulnerable but are no longer supported."

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C52E2ABC-20AE-437A-83B0-2E0753787FB5"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "892B744B-D807-41CC-9852-3606A0B1A676"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.01:hp:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42FB568C-5BC1-4A47-A10D-B032E15A9A0C"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3414CA73-0BEA-4FC4-8E14-CF2C30FC10E3"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.02:hp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30A35C50-53F0-4A0C-AEF5-93E89B50F25C"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.02:hp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDD788A1-C7C2-4146-B04B-A455F113D32C"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.02:hp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1E087E9-CE0A-464B-ADD3-0634961B0CCC"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38F289E2-A937-4891-AE7B-D4F7867D6D65"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:novell:groupwise:2012:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A002FE85-5FE4-4C03-A212-40263C5A2198"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22426725-2204-4750-87F6-A57BA727F213"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61E70C4-FE03-42AA-9F9B-C8DEB3E12F34"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.57e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "125275B0-EBBB-491B-BBBA-434CBAF02DB9"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "194704B6-4820-4398-8906-A1E529ED65AF"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9A8D9A3-2369-4B08-8A73-2A66EFEB26E1"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08A78BE7-6426-41CD-BBAF-9BB951726D33"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50599E1-45E5-443F-AAEC-F91778CA4792"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0BB62B7-C895-4AB6-9CEB-4B312E334953"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A91EAC4C-8EEE-4050-B1AD-E677AD90327D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F65030-60A2-4EC2-A06D-EC5249FD9FA5"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CB8A6AD-94E4-4871-9BCA-EC637161E70D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "814CAE15-78D8-4205-AC95-E07385A7B3DB"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "251EAE31-9799-453A-ABF7-F3D1C6602A81"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32AFA45E-7EA4-4067-BDB5-AB4391B3FE65"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B8BA202-8147-4837-8C14-C7A60E70EFEE"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D61CB70-5B89-4D12-AA31-9C4BF9A41813"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.3:hp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7970E39B-4BE6-4042-9104-4D2A87EACD61"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.3:hp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BACED130-AED7-4CBF-B135-579D53CEC937"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8897DB73-D299-41C8-B4E5-441A6D99F47C"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.4:ftf:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F46B875-5184-40D9-880D-2D617AE3C796"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86DB474F-D101-4210-9DC1-7230E9CAE80D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.01:ir1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB35306D-83C9-48DF-AE0A-98217AD54454"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D92B55AB-DDDB-46CE-AE57-00AD29596BB6"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.02:hp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46615AA7-C369-4C7D-B1D1-F80ABA17FA5F"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.02:hp1a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "028BBAF6-2C5B-43EC-B804-56C612F4B783"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.02:hp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A497EC1-2CAA-482B-A626-5EA738A681E3"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.02:hp2r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C5E13B1-B901-4ACC-8802-AC3A19F8C3D2"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D75C8A8-8162-4160-9295-2DA4D710AD58"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.03:hp:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C1659D0-92EC-46C4-9668-0A997AFF94C5"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4D63B03-C0A1-4366-B853-0D36CA0E6912"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.03:hp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D7696B3-12F7-4BC1-8DB9-7D1B6D1A620D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.03:hp3\\+ftf:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AD88BAF-2609-4D72-8BD6-2A9A51D35758"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References