Novell GroupWise 2014 Service Pack 2

CPE Details

Novell GroupWise 2014 Service Pack 2
novell
groupwise
2014
2020-06-12
14h47 +00:00
2020-06-12
14h47 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:novell:groupwise:2014:sp2:*:*:*:*:*:*

Informations

Vendor

novell

Product

groupwise

Version

2014

Update

sp2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2016-5760 2017-04-20 15h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allow remote attackers to inject arbitrary web script or HTML via the (1) token parameter to gwadmin-console/install/login.jsp or (2) PATH_INFO to gwadmin-console/index.jsp.
6.1
Moyen
CVE-2016-5761 2017-04-20 15h00 +00:00 Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email.
6.1
Moyen
CVE-2016-5762 2017-04-20 15h00 +00:00 Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.
9.8
Critique
CVE-2014-0610 2014-09-04 23h00 +00:00 The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
10
CVE-2014-0600 2014-08-29 08h00 +00:00 FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
7.8