Vulnerability Description
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Groupwise | 8.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/85426
- http://www.novell.com/support/kb/doc.php?id=7010769Vendor Advisory
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61Exploit
- https://bugzilla.novell.com/show_bug.cgi?id=746199
- http://osvdb.org/85426
- http://www.novell.com/support/kb/doc.php?id=7010769Vendor Advisory
- http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61Exploit
- https://bugzilla.novell.com/show_bug.cgi?id=746199
FAQ
What is CVE-2012-0271?
CVE-2012-0271 is a vulnerability with a CVSS score of 10.0 (HIGH). Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitra...
How severe is CVE-2012-0271?
CVE-2012-0271 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0271?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Groupwise.