Arbitrary Code Execution via Signed Integer in Content-Type Header

Arbitrary Code Execution via Signed Integer in Content-Type Header

CVE-2010-4713 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.

Learn more about our Web Application Penetration Testing UK.