Novell Home

My Favorites

Close

Please to see your favorites.

Security Vulnerability: Novell Messenger Client for Windows Buffer Overflow Vulnerability

This document (7011935) is provided subject to the disclaimer at the end of this document.

Environment

Affected versions:
Novell Messenger 2.2.1 (and earlier)
Novell Messenger 2.1 (and earlier)
GroupWise Messenger 2.04 (and earlier)

Situation

The Novell Messenger client for Windows is vulnerable to a buffer overflow vulnerability that could be exploited by a remote attacker to execute arbitrary code on vulnerable workstations.

This vulnerability was discovered and reported by Luigi Auriemma working with HP Enterprise Security's Zero Day Initiative (http://www.zerodayinitiative.com), ZDI-CAN-1339

Novell bug 777352, CVE-2013-1085

Resolution

To resolve this issue, upgrade your Novell Messenger clients for Windows to version 2.2.2 (or higher).


Status

Security Alert

Bug Number

777352

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7011935
  • Creation Date:13-MAR-13
  • Modified Date:14-MAR-13
    • NovellMessenger

Did this document solve your problem? Provide Feedback