RCE in Novell Groupwise

CVE-2013-0804

The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.332 (97.0th percentile) — read the EPSS interpretation.

Affected products

Novell Groupwise — versions 8.0, 8.00, 8.01
N/a — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)