exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-243
Posted Nov 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-243 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages. When the code encounters a TZNAME variable it allocates up to 0xFFFF bytes for the variable's value. It then proceeds to copy the value into the fixed-length buffer without checking if it will fit. By specifying a large enough string in the e-mail, an attacker can overflow the buffer and execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary
MD5 | 6f55bf4a2693aff88ae1f778ff066b7e
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Lime Scooters Hacked In Australia To Say Sexual Things
Posted Apr 24, 2019

tags | headline, hacker, australia
Hotspot App Exposed 2 Million Wi-Fi Network Passwords
Posted Apr 24, 2019

tags | headline, data loss, flaw, password
Hackers Hit Atlanta Hawks Shop With Malware
Posted Apr 24, 2019

tags | headline, hacker, bank, cybercrime, fraud
Congress Sends Letter To Google For Details On Sensorvault Location Tracking Database
Posted Apr 24, 2019

tags | headline, government, privacy, usa, google, spyware
Facebook Profits Likely To Fall After Fake News And Privacy Scandals
Posted Apr 24, 2019

tags | headline, privacy, russia, data loss, fraud, facebook, social
Intelsat-29e Declared A Total Loss
Posted Apr 23, 2019

tags | headline, government, data loss, cyberwar, spyware
France's Secure Telegram Replacement Hacked In An Hour
Posted Apr 23, 2019

tags | headline, hacker, government, privacy, phone, flaw, france
Edward Snowden Claims Without Asylum He Would Be In Gitmo Or Dead
Posted Apr 23, 2019

tags | headline, government, usa, russia, data loss, cyberwar, nsa, cia
Loose Online Lips Sink Hack Targeting Governments And Embassies
Posted Apr 23, 2019

tags | headline, government, privacy, data loss, cyberwar
Court Rules Chelsea Manning Must Stay In Jail
Posted Apr 22, 2019

tags | headline, government, usa, data loss, military
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close