Heap-based Buffer Overflow in NgwiCalVTimeZoneBody::ParseSelf Function in GroupWise Internet Agent (GWIA)
CVE-2011-0333 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."
Learn more about our Web Application Penetration Testing UK.