Trend Micro Security

Novell Groupwise Integer Overflow Vulnerability

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2012-0271

  概要

Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1005210
  Trend Micro Deep Security DPI Rule Name: 1005210 - Novell GroupWise Internet Agent Remote Integer Overflow Vulnerability

  影響を受けるソフトウェア

  • novell groupwise 2012
  • novell groupwise 5.2
  • novell groupwise 5.5
  • novell groupwise 5.57e
  • novell groupwise 6.0
  • novell groupwise 6.0.1
  • novell groupwise 6.5
  • novell groupwise 6.5.2
  • novell groupwise 6.5.3
  • novell groupwise 6.5.4
  • novell groupwise 6.5.6
  • novell groupwise 6.5.7
  • novell groupwise 7.0
  • novell groupwise 7.0.3
  • novell groupwise 7.0.4
  • novell groupwise 7.01
  • novell groupwise 7.02
  • novell groupwise 7.03
  • novell groupwise 8.0
  • novell groupwise 8.01
  • novell groupwise 8.02
  • novell groupwise 8.03