{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-14T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-03-30T09:00:00", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.novell.com/support/kb/doc.php?id=7010769"}, {"tags": ["x_refsource_MISC"], "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61&Itemid=61"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=746199"}, {"name": "85426", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/85426"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2012-0271", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.novell.com/support/kb/doc.php?id=7010769", "refsource": "CONFIRM", "url": "http://www.novell.com/support/kb/doc.php?id=7010769"}, {"name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61&Itemid=61", "refsource": "MISC", "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61&Itemid=61"}, {"name": "https://bugzilla.novell.com/show_bug.cgi?id=746199", "refsource": "CONFIRM", "url": "https://bugzilla.novell.com/show_bug.cgi?id=746199"}, {"name": "85426", "refsource": "OSVDB", "url": "http://osvdb.org/85426"}]}}}}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2012-0271", "datePublished": "2012-09-19T10:00:00", "dateReserved": "2011-12-30T00:00:00", "dateUpdated": "2013-03-30T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C52E2ABC-20AE-437A-83B0-2E0753787FB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.01:*:*:*:*:*:*:*", "matchCriteriaId": "892B744B-D807-41CC-9852-3606A0B1A676", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.01:hp:*:*:*:*:*:*", "matchCriteriaId": "42FB568C-5BC1-4A47-A10D-B032E15A9A0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.02:*:*:*:*:*:*:*", "matchCriteriaId": "3414CA73-0BEA-4FC4-8E14-CF2C30FC10E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.02:hp1:*:*:*:*:*:*", "matchCriteriaId": "30A35C50-53F0-4A0C-AEF5-93E89B50F25C", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.02:hp2:*:*:*:*:*:*", "matchCriteriaId": "DDD788A1-C7C2-4146-B04B-A455F113D32C", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.02:hp3:*:*:*:*:*:*", "matchCriteriaId": "E1E087E9-CE0A-464B-ADD3-0634961B0CCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:8.03:*:*:*:*:*:*:*", "matchCriteriaId": "38F289E2-A937-4891-AE7B-D4F7867D6D65", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:groupwise:2012:*:*:*:*:*:*:*", "matchCriteriaId": "A002FE85-5FE4-4C03-A212-40263C5A2198", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:groupwise:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "22426725-2204-4750-87F6-A57BA727F213", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "A61E70C4-FE03-42AA-9F9B-C8DEB3E12F34", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:5.57e:*:*:*:*:*:*:*", "matchCriteriaId": "125275B0-EBBB-491B-BBBA-434CBAF02DB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "194704B6-4820-4398-8906-A1E529ED65AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "E9A8D9A3-2369-4B08-8A73-2A66EFEB26E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "08A78BE7-6426-41CD-BBAF-9BB951726D33", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "E50599E1-45E5-443F-AAEC-F91778CA4792", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "F0BB62B7-C895-4AB6-9CEB-4B312E334953", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:*", "matchCriteriaId": "A91EAC4C-8EEE-4050-B1AD-E677AD90327D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:*", "matchCriteriaId": "C7F65030-60A2-4EC2-A06D-EC5249FD9FA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:*", "matchCriteriaId": "8CB8A6AD-94E4-4871-9BCA-EC637161E70D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "814CAE15-78D8-4205-AC95-E07385A7B3DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "251EAE31-9799-453A-ABF7-F3D1C6602A81", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "32AFA45E-7EA4-4067-BDB5-AB4391B3FE65", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "5B8BA202-8147-4837-8C14-C7A60E70EFEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "3D61CB70-5B89-4D12-AA31-9C4BF9A41813", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.3:hp4:*:*:*:*:*:*", "matchCriteriaId": "7970E39B-4BE6-4042-9104-4D2A87EACD61", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.3:hp5:*:*:*:*:*:*", "matchCriteriaId": "BACED130-AED7-4CBF-B135-579D53CEC937", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "8897DB73-D299-41C8-B4E5-441A6D99F47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.4:ftf:*:*:*:*:*:*", "matchCriteriaId": "8F46B875-5184-40D9-880D-2D617AE3C796", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*", "matchCriteriaId": "86DB474F-D101-4210-9DC1-7230E9CAE80D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.01:ir1:*:*:*:*:*:*", "matchCriteriaId": "EB35306D-83C9-48DF-AE0A-98217AD54454", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.02:*:*:*:*:*:*:*", "matchCriteriaId": "D92B55AB-DDDB-46CE-AE57-00AD29596BB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.02:hp1:*:*:*:*:*:*", "matchCriteriaId": "46615AA7-C369-4C7D-B1D1-F80ABA17FA5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.02:hp1a:*:*:*:*:*:*", "matchCriteriaId": "028BBAF6-2C5B-43EC-B804-56C612F4B783", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.02:hp2:*:*:*:*:*:*", "matchCriteriaId": "7A497EC1-2CAA-482B-A626-5EA738A681E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.02:hp2r1:*:*:*:*:*:*", "matchCriteriaId": "7C5E13B1-B901-4ACC-8802-AC3A19F8C3D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:*", "matchCriteriaId": "1D75C8A8-8162-4160-9295-2DA4D710AD58", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp:*:*:*:*:*:*", "matchCriteriaId": "3C1659D0-92EC-46C4-9668-0A997AFF94C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:*", "matchCriteriaId": "C4D63B03-C0A1-4366-B853-0D36CA0E6912", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp3:*:*:*:*:*:*", "matchCriteriaId": "9D7696B3-12F7-4BC1-8DB9-7D1B6D1A620D", "vulnerable": true}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp3\\+ftf:*:*:*:*:*:*", "matchCriteriaId": "4AD88BAF-2609-4D72-8BD6-2A9A51D35758", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header."}, {"lang": "es", "value": "Un desbordamiento de entero en el componente de consola web en gwia.exe en el Agente de Internet de GroupWise (GWIA) en Novell GroupWise v8.0 antes de v8.0.3 HP1 y 2012 antes de SP1 podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una solicitud hecha a mano que dispara un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap), tal y como queda demostrado con una solicitud con un -1 en la cabecera HTTP \"Content-Length\".\r\n"}], "evaluatorImpact": "Per: http://www.novell.com/support/kb/doc.php?id=7010769\r\n\r\n\"Previous versions of GroupWise are likely also vulnerable but are no longer supported.\"", "id": "CVE-2012-0271", "lastModified": "2013-04-02T03:14:42.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-19T10:57:01.810", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://osvdb.org/85426"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://www.novell.com/support/kb/doc.php?id=7010769"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Exploit"], "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61&Itemid=61"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "https://bugzilla.novell.com/show_bug.cgi?id=746199"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}