返回 CVE 浏览器

CVE-2009-0410

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0600%

EPSS Percentile26.59th

Published2009年2月3日

Last Modified2026年4月23日

Vulnerability Description

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.

Affected Platforms (CPE)

📦

Novell

Groupwise

= 6.5

📦

Novell

Groupwise

= 7.0

📦

Novell

Groupwise

= 7.01

📦

Novell

Groupwise

= 7.02x

📦

Novell

Groupwise

= 7.03

📦

Novell

Groupwise

= 7.03

📦

Novell

Groupwise

= 8.0

References & Advisories

🔗 http://download.novell.com/Download?buildid=GjZRRdqCFW0

🔗 http://secunia.com/advisories/33744

🔗 http://www.novell.com/support/viewContent.do?externalId=7002502

🔗 http://www.securityfocus.com/archive/1/500609/100/0/threaded

🔗 http://www.securityfocus.com/bid/33560

🔗 http://www.zerodayinitiative.com/advisories/ZDI-09-010/

🔗 http://download.novell.com/Download?buildid=GjZRRdqCFW0

🔗 http://secunia.com/advisories/33744

相关漏洞威胁

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2008-270310.0

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attack...