Novell GroupWise Client 8.x < 8.0.3 Hot Patch 4 / 2012 < 2012 SP3 / 2014 < 2014 SP1 Multiple Dereference Vulnerabilities

critical Nessus Plugin ID 77665

Synopsis

The remote Windows host contains an email application that is affected by multiple untrusted pointer dereference vulnerabilities.

Description

The Novell GroupWise Client installed on the remote Windows host is version 8.x prior to 8.0.3 Hot Patch 4 (8.0.3.36955), version 2012 prior to 2012 SP3 (12.0.3.26810), or version 2014 prior to 2014 SP1 (14.0.1.27118). It is, therefore, affected by multiple untrusted pointer dereference vulnerabilities.

Solution

Upgrade to Novell GroupWise Client 8.0.3 Hot Patch 4 (8.0.3.36955) / 2012 SP3 (12.0.3.26810) / 2014 SP1 (14.0.1.27118) or later.

See Also

https://support.microfocus.com/kb/doc.php?id=7015565

Plugin Details

Severity: Critical

ID: 77665

File Name: groupwise_client_803_hp4.nasl

Version: 1.3

Type: local

Agent: windows

Family: Windows

Published: 9/12/2014

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:groupwise

Required KB Items: SMB/Novell GroupWise Client/Path, SMB/Novell GroupWise Client/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 8/20/2014

Vulnerability Publication Date: 8/20/2014

Reference Information

CVE: CVE-2014-0610

BID: 69649