CVE-2009-1636

{"id": "CVE-2009-1636", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-05-26T15:30:05.343", "references": [{"url": "http://osvdb.org/54644", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/54645", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35177", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/503724/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/35064", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/35065", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1022276", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1393", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.novell.com/show_bug.cgi?id=478892", "source": "cve@mitre.org"}, {"url": "https://bugzilla.novell.com/show_bug.cgi?id=482914", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50692", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50693", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en el componente the Internet Agent (tambien conocido como GWIA) en Novell GroupWise v7.x anteriores a v7.03 HP3 y v8.x anteriores v8.0 HP2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) una direcci\u00f3n de correo electr\u00f3nico manipulada en una sesi\u00f3n SMTP o (2) un comando SMTP."}], "lastModified": "2018-10-10T19:37:50.627", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9FBB457-FDC0-485F-951A-C0A7661A92B0"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8661AFFB-5CAF-4D44-A617-E0330C764BDE"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF66EFEE-DAB2-4455-96F2-50D3E9456485"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "422F4B8A-8133-4DE2-9749-41E3DE0031DB"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD25DC76-F3BE-4A0E-86DC-D27F4948446E"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD0AA3F3-6BE4-4CCC-838F-E8BD1F06590B"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D3BCF9F-9CDA-4DFD-AC39-2624BCFAAD96"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86DB474F-D101-4210-9DC1-7230E9CAE80D"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84293DF8-D11D-4CB4-99EC-EB60AF027B8C"}, {"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4D63B03-C0A1-4366-B853-0D36CA0E6912"}, {"criteria": "cpe:2.3:a:novell:groupwise:8.0:hp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97206FE4-E1F1-40EC-BC01-A0125FB3B20F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}