CVE-2009-1636

Published: May 26, 2009Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.

Affected (12)

Products: Novell: Groupwise

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Novell Groupwise	Version 7.0.0 sp1
Novell Groupwise	Version 7.0.0 sp2
Novell Groupwise	Version 7.0.2
Novell Groupwise	Version 7.0.3
Novell Groupwise	Version 7.01
Novell Groupwise	Version 7.03 hp1a
Novell Groupwise	Version 7.03 hp2
Novell Groupwise	Version 7.0
Novell Groupwise	Version 7.0 sp1
Novell Groupwise	Version 7.0 sp2
Novell Groupwise	Version 7.0 sp3
Novell Groupwise	Version 8.0 hp1

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (32)

http://osvdb.org/54644

Source: cve@mitre.org

http://osvdb.org/54645

Source: cve@mitre.org

http://secunia.com/advisories/35177

Source: cve@mitre.org

Vendor Advisory

http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1

Source: cve@mitre.org

http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/503724/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/35064

Source: cve@mitre.org

http://www.securityfocus.com/bid/35065

Source: cve@mitre.org

http://www.securitytracker.com/id?1022276

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1393

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php

Source: cve@mitre.org

Vendor Advisory

https://bugzilla.novell.com/show_bug.cgi?id=478892

Source: cve@mitre.org

https://bugzilla.novell.com/show_bug.cgi?id=482914

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/50692

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/50693

Source: cve@mitre.org

http://osvdb.org/54644

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/54645

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35177

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/503724/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35064

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35065

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1022276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1393

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugzilla.novell.com/show_bug.cgi?id=478892

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.novell.com/show_bug.cgi?id=482914

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/50692

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/50693

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.