CVE-2009-1636 Information

Feb 14, 2021 cve

Description

Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.

Reference

http://osvdb.org/54644 http://osvdb.org/54645 http://secunia.com/advisories/35177 http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1 http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1 http://www.securityfocus.com/archive/1/503724/100/0/threaded http://www.securityfocus.com/bid/35064 http://www.securityfocus.com/bid/35065 http://www.securitytracker.com/id?1022276 http://www.vupen.com/english/advisories/2009/1393 http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php https://bugzilla.novell.com/show_bug.cgi?id=478892 https://bugzilla.novell.com/show_bug.cgi?id=482914 https://exchange.xforce.ibmcloud.com/vulnerabilities/50692 https://exchange.xforce.ibmcloud.com/vulnerabilities/50693

Share on: