Vulnerability Details : CVE-2012-0417
Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
Vulnerability category: OverflowExecute code
Products affected by CVE-2012-0417
- cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.00:hp1:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.00:hp2:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.02:hp2:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.02:hp3:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.01:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.01:hp:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.02:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.02:hp1:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:2012:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.00:hp3:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-0417
31.21%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-0417
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2012-0417
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0417
-
http://www.novell.com/support/kb/doc.php?id=7010770
Security Vulnerability: GroupWise Internet Agent (GWIA) LDAP integer overflow vulnerabilityVendor Advisory
-
https://bugzilla.novell.com/show_bug.cgi?id=740041
Access Denied
-
http://download.novell.com/Download?buildid=O5hTjIiMdMo~
Downloads - GroupWise 8.0 SP3 Hot Patch 1 Full Release for Windows and NLM ENPatch
-
http://www.securitytracker.com/id?1027599
Novell GroupWise Internet Agent Integer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker
Jump to