Novell Groupwise Client CVE-2012-0439 ActiveX Control Remote Code Execution Vulnerability
Novell Groupwise Client is prone to a remote code-execution vulnerability because it fails to sufficiently validate user-supplied data.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
The following versions are vulnerable:
Versions prior to GroupWise 8.0.3 Hot Patch 2
Versions prior to GroupWise 2012 SP1 Hot Patch 1