Remote Code Execution Vulnerability in Novell GroupWise 8.0 and 2012

Remote Code Execution Vulnerability in Novell GroupWise 8.0 and 2012

CVE-2012-0439 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the SetEngine method or (2) an XPItem pointer argument to an unspecified method.

Learn more about our Web Application Penetration Testing UK.