Groove < 3.1.0 Build 2338 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 2923


The remote host is vulnerable to a buffer overflow.


The remote host is running Groove, a virtual office workspace that allows remote users to collaborate via the Internet. Groove uses centralized servers to keep remote workers synchronized with each other. This version of Groove is vulnerable to multiple remote attacks. The attacks stem from a lack of content parsing by the Groove product. An attacker exploiting these flaws would need to be able to entice a Groove user into opening or viewing malicious files or data from within the Groove application. Successful exploitation leads to the attacker being able to execute arbitrary code on the unsuspecting user.


Upgrade to version 3.1.0 build 2338 or higher.

See Also

Plugin Details

Severity: High

ID: 2923

File Name: 2923.prm

Family: Generic

Published: 2005/05/19

Modified: 2016/01/30

Dependencies: 2922

Nessus ID: 18355

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 9.8

Temporal Score: 9.4


Temporal Vector: CVSS3#E:ND/RL:O/RC:C

Reference Information

CVE: CVE-2005-1678, CVE-2005-1675, CVE-2005-1676, CVE-2005-1677

BID: 13682, 13684, 13685, 13686, 13688

OSVDB: 16693, 16694, 16696, 16697