CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2010-4714

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1840%
EPSS Percentile40.41th
Published2011年1月31日
Last Modified2026年4月29日

Vulnerability Description

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

Affected Platforms (CPE)

📦
Novell

Groupwise

<= 8.0.2
📦
Novell

Groupwise

= 4.1
📦
Novell

Groupwise

= 4.1a
📦
Novell

Groupwise

= 5.0
📦
Novell

Groupwise

= 5.1
📦
Novell

Groupwise

= 5.2
📦
Novell

Groupwise

= 5.5
📦
Novell

Groupwise

= 5.5
📦
Novell

Groupwise

= 5.57e
📦
Novell

Groupwise

= 6.0
📦
Novell

Groupwise

= 6.0
📦
Novell

Groupwise

= 6.0
📦
Novell

Groupwise

= 6.0.1
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5
📦
Novell

Groupwise

= 6.5.2
📦
Novell

Groupwise

= 6.5.3
📦
Novell

Groupwise

= 6.5.4
📦
Novell

Groupwise

= 6.5.6
📦
Novell

Groupwise

= 6.5.7
📦
Novell

Groupwise

= 7.0
📦
Novell

Groupwise

= 7.0.1
📦
Novell

Groupwise

= 7.0.2
📦
Novell

Groupwise

= 7.0.3
📦
Novell

Groupwise

= 7.0.4
📦
Novell

Groupwise

= 8.0
📦
Novell

Groupwise

= 8.0.1

References & Advisories

🔗 http://www.facebook.com/note.php?note_id=477865030928
🔗 http://www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1
🔗 http://zerodayinitiative.com/advisories/ZDI-10-247/
🔗 https://bugzilla.novell.com/show_bug.cgi?id=627942
🔗 http://www.facebook.com/note.php?note_id=477865030928
🔗 http://www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1
🔗 http://zerodayinitiative.com/advisories/ZDI-10-247/
🔗 https://bugzilla.novell.com/show_bug.cgi?id=627942

相關漏洞威脅

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2008-270310.0

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attack...