CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0410

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile26.59th
PublishedFeb 3, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Novell

Groupwise

= 6.5
πŸ“¦
Novell

Groupwise

= 7.0
πŸ“¦
Novell

Groupwise

= 7.01
πŸ“¦
Novell

Groupwise

= 7.02x
πŸ“¦
Novell

Groupwise

= 7.03
πŸ“¦
Novell

Groupwise

= 7.03
πŸ“¦
Novell

Groupwise

= 8.0

References & Advisories

πŸ”— http://download.novell.com/Download?buildid=GjZRRdqCFW0
πŸ”— http://secunia.com/advisories/33744
πŸ”— http://www.novell.com/support/viewContent.do?externalId=7002502
πŸ”— http://www.securityfocus.com/archive/1/500609/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/33560
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-09-010/
πŸ”— http://download.novell.com/Download?buildid=GjZRRdqCFW0
πŸ”— http://secunia.com/advisories/33744

Related Vulnerabilities

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2008-270310.0

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attack...