Novell: >> Groupwise Messenger >> 2.0.3 Security Vulnerabilities
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command.
CVSS Score
5.0
EPSS Score
0.017
Published
2011-12-08
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
CVSS Score
10.0
EPSS Score
0.717
Published
2008-06-13
Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVSS Score
5.0
EPSS Score
0.024
Published
2008-06-13