Skip to main content

Groupwise CVE-2012-0418

CRITICAL
2012-09-28 cve@mitre.org
9.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Sep 28, 2012 - 10:40 cve.org
CRITICAL 9.3

DescriptionCVE.org

Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.

AnalysisAI

Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Technical ContextAI

Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file. Affected products include: Novell Groupwise.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2012-0439 CRITICAL POC
9.3 Feb 24

An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows r

CVE-2012-0419 MEDIUM POC
5.0 Sep 28

Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 be

CVE-2012-0271 CRITICAL POC
10.0 Sep 19

Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 befo

CVE-2013-0804 CRITICAL POC
10.0 Feb 24

The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary

CVE-2016-5762 CRITICAL
9.8 Apr 20

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remo

CVE-2014-0610 CRITICAL
10.0 Sep 05

The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers

CVE-2012-0417 CRITICAL
10.0 Sep 28

Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Suppor

CVE-2014-0600 HIGH
7.8 Aug 29

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or w

CVE-2018-12468 HIGH
7.2 Aug 01

A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attack

CVE-2016-9169 MEDIUM
6.1 Mar 23

A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise before 2014 R2

CVE-2016-5761 MEDIUM
6.1 Apr 20

Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote att

CVE-2016-5760 MEDIUM
6.1 Apr 20

Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Serv

Share

CVE-2012-0418 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy