CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2171

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile9.61th
Published2007年4月24日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.

Affected Platforms (CPE)

📦
Novell

Groupwise

= 7.0
📦
Novell

Groupwise

= 7.0

References & Advisories

🔗 http://download.novell.com/Download?buildid=8RF83go0nZg~
🔗 http://download.novell.com/Download?buildid=O9ucpbS1bK0~
🔗 http://secunia.com/advisories/24944
🔗 http://securityreason.com/securityalert/2610
🔗 http://www.securityfocus.com/archive/1/466212/100/0/threaded
🔗 http://www.securityfocus.com/bid/23556
🔗 http://www.securitytracker.com/id?1017932
🔗 http://www.vupen.com/english/advisories/2007/1455

関連する脆弱性情報

CVE-2008-270310.0

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attack...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2009-041010.0

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, ...