Novell GroupWise Windows Client API Shared Folder Email Information Disclosure Vulnerability

Novell GroupWise Windows Client API Shared Folder Email Information Disclosure Vulnerability

Novell GroupWise Windows Client API is prone to an information-disclosure vulnerability. This issue affects the handling of shared folders.

Successfully exploiting this issue allows remote, authenticated attackers to gain access to non-shared email contained in a targeted user's mailbox. To exploit this issue, attackers must be permitted access to the shared folder of another user.

This issue affects Novell GroupWise 6.5 and 7. Previous versions may also be affected.