Buffer overflow in Novell Groupwise

CVE-2011-3827

The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted date-time strin…

Vulnerability class: Buffer Overflow

EPSS: 0.036 (88.1th percentile) — read the EPSS interpretation.

Affected products

Novell Groupwise — versions 8.0, 8.00
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM, Vendor Advisory)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
20120917 Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service (mailing-list, x_refsource_BUGTRAQ)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
1027540 (vdb-entry, x_refsource_SECTRACK)