Novell Messenger Client CVE-2013-1085 Unspecified Buffer Overflow Vulnerability
BID:58529
Info
Novell Messenger Client CVE-2013-1085 Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 58529 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2013-1085 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 13 2013 12:00AM |
| Updated: | Mar 13 2013 12:00AM |
| Credit: | Luigi Auriemma |
| Vulnerable: |
Novell Messenger 2.2.1 Novell Messenger 2.2.0 Novell Messenger 2.1 |
| Not Vulnerable: | |
Discussion
Novell Messenger Client CVE-2013-1085 Buffer Overflow Vulnerability
Novell Messenger Client is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code in the context of the Administrator account. Failed exploit attempts will likely result in denial-of-service conditions.
The following products are affected:
Novell Messenger versions 2.1 and prior
Novell Messenger versions 2.2.1 and prior
Novell GroupWise Messenger versions 2.04 and prior
Novell Messenger Client is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker could exploit this issue to execute arbitrary code in the context of the Administrator account. Failed exploit attempts will likely result in denial-of-service conditions.
The following products are affected:
Novell Messenger versions 2.1 and prior
Novell Messenger versions 2.2.1 and prior
Novell GroupWise Messenger versions 2.04 and prior
Exploit / POC
Novell Messenger Client CVE-2013-1085 Unspecified Buffer Overflow Vulnerability
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Novell Messenger Client CVE-2013-1085 Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Novell Messenger Client CVE-2013-1085 Buffer Overflow Vulnerability
References:
References:
- Novell GroupWise Homepage (Novell)
- Novell Homepage (Novell)