Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
BID:52233
Info
Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
| Bugtraq ID: | 52233 |
| Class: | Unknown |
| CVE: |
CVE-2011-4189 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 29 2012 12:00AM |
| Updated: | Feb 29 2012 12:00AM |
| Credit: | Francis Provencher |
| Vulnerable: |
Novell GroupWise 8.02HP3 0 Novell GroupWise 8.0 0 |
| Not Vulnerable: |
Novell GroupWise 8.0 Support Pack 2 0 Novell Groupwise 2012 0 |
Discussion
Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
Novell Groupwise Client is prone to a remote code-execution vulnerability.
Attackers could exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.
Novell GroupWise 8.0x through 8.02HP3 are vulnerable.
Novell Groupwise Client is prone to a remote code-execution vulnerability.
Attackers could exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.
Novell GroupWise 8.0x through 8.02HP3 are vulnerable.
Exploit / POC
Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
The following proof-of-concept is available:
The following proof-of-concept is available:
Solution / Fix
Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
Solution:
Vendor updates are available. Please see the referenced advisory for more information.
Solution:
Vendor updates are available. Please see the referenced advisory for more information.
References
Novell Groupwise Client CVE-2011-4189 Address Book Parsing Remote Code Execution Vulnerability
References:
References: