1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Novell Groupwise Client CVE-2012-0439

Web Attack: Novell Groupwise Client CVE-2012-0439

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a vulnerability in Novell Groupwise Client's ActiveX Control which may lead to remote code execution.

Additional Information

Novell GroupWise is collaboration software available for a number of platforms, including Linux and Microsoft Windows. Novell GroupWise Client allows users to access Novell services from remote computers.

Novell GroupWise is prone to a remote code-execution vulnerability that affects the unspecified ActiveX component.

Attackers can exploit this issue to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

Affected

  • Versions prior to GroupWise 8.0.3 Hot Patch 2
  • Versions prior to GroupWise 2012 SP1 Hot Patch 1
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube