Novell GroupWise Client 8.x < 8.0.3 / 2012.x < 2012 SP1 Unspecified File Handling Arbitrary Code Execution
High Nessus Plugin ID 62412
SynopsisThe remote Windows host contains an email application that is affected by an unspecified code execution vulnerability.
DescriptionThe version of Novell GroupWise Client installed on the remote Windows host is 8.x earlier than 8.0.3 (188.8.131.5255) or 2012.x earlier than 2012 SP1 (184.108.40.20631). As such, it is reportedly affected by an unspecified code execution vulnerability.
By tricking a user into opening a specially crafted file, a remote, unauthenticated attacker could potentially execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
SolutionUpgrade to Novell GroupWise Client 8.0.3 (220.127.116.1155) / 2012 SP1 (18.104.22.16831) or later.