Novell GroupWise Client 8.x < 8.0.3 / 2012.x < 2012 SP1 Unspecified File Handling Arbitrary Code Execution

High Nessus Plugin ID 62412


The remote Windows host contains an email application that is affected by an unspecified code execution vulnerability.


The version of Novell GroupWise Client installed on the remote Windows host is 8.x earlier than 8.0.3 ( or 2012.x earlier than 2012 SP1 ( As such, it is reportedly affected by an unspecified code execution vulnerability.

By tricking a user into opening a specially crafted file, a remote, unauthenticated attacker could potentially execute arbitrary code on the remote host subject to the privileges of the user running the affected application.


Upgrade to Novell GroupWise Client 8.0.3 ( / 2012 SP1 ( or later.

See Also

Plugin Details

Severity: High

ID: 62412

File Name: groupwise_client_803.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2012/10/03

Modified: 2013/02/05

Dependencies: 58401

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:novell:groupwise

Required KB Items: SMB/Novell GroupWise Client/Path, SMB/Novell GroupWise Client/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/09/11

Vulnerability Publication Date: 2012/09/11

Reference Information

CVE: CVE-2012-0418

BID: 55729

OSVDB: 85802