Novell : Security Vulnerabilities, CVEs, Published In April 2007
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Max CVSS
10.0
EPSS Score
94.92%
Published
2007-04-24
Updated
2018-10-16
ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.
Max CVSS
7.8
EPSS Score
4.22%
Published
2007-04-30
Updated
2017-07-20
2 vulnerabilities found