 |
Name:
Email.Attachment.Mailto.URI.Buffer.Overflow
|
Released Date:
May 9 2008
|
Severity:
critical
|
CVE:
2008-2069
|
|
|
Bugtraq:
28969
|
|
|
|
|
FortiGuard Center
> Vulnerability Encyclopedia
In-Depth Analysis
|
Description
|
|
This indicates a buffer overflow vulnerability in Novell GroupWise. This vulnerability is caused by a buffer overflow error when processing overly long "mailto:" URIs, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into following a specially crafted link or opening a malicious HTML attachment.
|
|
|
|
Impact
|
System Compromise
Denial of Service
|
|
|
|
Affected Products
|
|
Novell Groupwise 7.0
|
|
Aliases
|
|
References
|
http://www.securityfocus.com/bid/28969
http://www.frsirt.com/english/advisories/2008/1393
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2069
|
|
Recommended Actions
|
Contact your vendor for upgrade or patch information:
http://www.novell.com/products/groupwise/.
|
|
