Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Novell Groupwise
Опубликовано:2 октября 2011 г.
Источник:
SecurityVulns ID:11940
Тип:удаленная
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, переполнения буфера, целочисленные переполнения, переполнения индекса массива.
Затронутые продукты:NOVELL : GroupWise 8.02
CVE:CVE-2011-2663 (Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.)
 CVE-2011-2662 (Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.)
 CVE-2011-0334 (Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file.)
 CVE-2011-0333 (Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error.")
 CVE-2010-4325 (Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.)
Оригинальный текстdocumentSECUNIA, Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow (02.10.2011)
 documentSECUNIA, Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability (02.10.2011)
 documentIDEFENSE, iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability (02.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability (02.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability (02.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability (02.10.2011)
 documentVUPEN Security Research, VUPEN Security Research - Novell GroupWise "RRULE" Remote Buffer Overflow Vulnerability (02.10.2011)
 documentIDEFENSE, iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability (02.10.2011)
 documentIDEFENSE, iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability (02.10.2011)
 documentIDEFENSE, iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability (02.10.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород