Vulnerability Details CVE-2007-2171
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.349
EPSS Ranking 96.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://download.novell.com/Download?buildid=8RF83go0nZg~
- http://download.novell.com/Download?buildid=O9ucpbS1bK0~
- http://secunia.com/advisories/24944
- http://securityreason.com/securityalert/2610
- http://www.securityfocus.com/archive/1/466212/100/0/threaded
- http://www.securityfocus.com/bid/23556
- http://www.securitytracker.com/id?1017932
- http://www.vupen.com/english/advisories/2007/1455
- http://www.zerodayinitiative.com/advisories/ZDI-07-015.html
- http://download.novell.com/Download?buildid=8RF83go0nZg~
- http://download.novell.com/Download?buildid=O9ucpbS1bK0~
- http://secunia.com/advisories/24944
- http://securityreason.com/securityalert/2610
- http://www.securityfocus.com/archive/1/466212/100/0/threaded
- http://www.securityfocus.com/bid/23556
- http://www.securitytracker.com/id?1017932
- http://www.vupen.com/english/advisories/2007/1455
- http://www.zerodayinitiative.com/advisories/ZDI-07-015.html