CVE-2010-4326

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.

Published: Jan 28, 2011
Updated: Apr 13, 2023
CVE: CVE-2010-4326
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
novell / groupwise	7.0.4	7.0.4.x
novell / groupwise	6.5-sp5	6.5-sp5.x
novell / groupwise	6.0	6.0.x
novell / groupwise	7.0	7.0.x
novell / groupwise	7.0.1	7.0.1.x
novell / groupwise	5.5	5.5.x
novell / groupwise	7.0.2	7.0.2.x
novell / groupwise	6.5.6	6.5.6.x
novell / groupwise	6.5.3	6.5.3.x
novell / groupwise	-	8.0.2.x
novell / groupwise	8.0.1	8.0.1.x
novell / groupwise	8.0	8.0.x
novell / groupwise	6.5-sp1	6.5-sp1.x
novell / groupwise	5.2	5.2.x
novell / groupwise	6.5.4	6.5.4.x
novell / groupwise	6.0-sp1	6.0-sp1.x
novell / groupwise	6.5-sp6	6.5-sp6.x
novell / groupwise	6.5-sp4	6.5-sp4.x
novell / groupwise	6.0-sp5	6.0-sp5.x
novell / groupwise	4.1	4.1.x
novell / groupwise	5.1	5.1.x
novell / groupwise	6.5-sp3	6.5-sp3.x
novell / groupwise	6.0.1-sp1	6.0.1-sp1.x
novell / groupwise	7.0.3	7.0.3.x
novell / groupwise	6.5	6.5.x
novell / groupwise	5.0	5.0.x
novell / groupwise	4.1a	4.1a.x
novell / groupwise	6.5.2	6.5.2.x
novell / groupwise	6.5-sp2	6.5-sp2.x
novell / groupwise	5.57e	5.57e.x
novell / groupwise	6.5.7	6.5.7.x

Vulnerability Database

289,697

CVE-2010-4326