Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013
CVE: CVE-2012-0439
BID: 57658
OSVDB: 89700

Background

Novell GroupWise is an e-mail and collaboration product suite.

Problem

Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. Because the plugin uses these pointers without checking them, an attacker may be able to redirect execution to an arbitrary memory address.

Resolution

Apply GroupWise 8.0.3 Hot Patch 2 (or later) or GroupWise 2012 SP1 Hot Patch 1.

References

http://www.novell.com/support/kb/doc.php?id=7011688
http://www.zerodayinitiative.com/advisories/ZDI-13-008/

Limitations

This exploit has been tested against Novell GroupWise Client for Windows 2012 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

Platforms

Windows
