Security Vulnerability: Novell Messenger Client for Windows Buffer Overflow Vulnerability
This document (7011935) is provided subject to the disclaimer at the end of this document.
Environment
Affected versions:
Novell Messenger 2.2.1 (and earlier)
Novell Messenger 2.1 (and earlier)
GroupWise Messenger 2.04 (and earlier)
Novell Messenger 2.2.1 (and earlier)
Novell Messenger 2.1 (and earlier)
GroupWise Messenger 2.04 (and earlier)
Situation
The Novell Messenger client for Windows is vulnerable to a buffer overflow vulnerability that could be exploited by a remote attacker to execute arbitrary code on vulnerable workstations.
This vulnerability was discovered and reported by Luigi Auriemma working with HP Enterprise Security's Zero Day Initiative (http://www.zerodayinitiative.com), ZDI-CAN-1339
Novell bug 777352, CVE-2013-1085
This vulnerability was discovered and reported by Luigi Auriemma working with HP Enterprise Security's Zero Day Initiative (http://www.zerodayinitiative.com), ZDI-CAN-1339
Novell bug 777352, CVE-2013-1085
Resolution
To resolve this issue, upgrade your Novell Messenger clients for Windows to version 2.2.2 (or higher).
Status
Security AlertBug Number
777352
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7011935
- Creation Date:13-MAR-13
- Modified Date:14-MAR-13
- NovellMessenger
Did this document solve your problem? Provide Feedback