CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2171

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile9.61th
PublishedApr 24, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.

Affected Platforms (CPE)

πŸ“¦
Novell

Groupwise

= 7.0
πŸ“¦
Novell

Groupwise

= 7.0

References & Advisories

πŸ”— http://download.novell.com/Download?buildid=8RF83go0nZg~
πŸ”— http://download.novell.com/Download?buildid=O9ucpbS1bK0~
πŸ”— http://secunia.com/advisories/24944
πŸ”— http://securityreason.com/securityalert/2610
πŸ”— http://www.securityfocus.com/archive/1/466212/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23556
πŸ”— http://www.securitytracker.com/id?1017932
πŸ”— http://www.vupen.com/english/advisories/2007/1455

Related Vulnerabilities

CVE-2008-270310.0

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attack...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2009-041010.0

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, ...

CVE-2007-2171 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space