Novell Messenger Client CVE-2013-1085 Buffer Overflow Vulnerability

Novell Messenger Client is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker could exploit this issue to execute arbitrary code in the context of the Administrator account. Failed exploit attempts will likely result in denial-of-service conditions.

The following products are affected:

Novell Messenger versions 2.1 and prior
Novell Messenger versions 2.2.1 and prior
Novell GroupWise Messenger versions 2.04 and prior


 

Privacy Statement
Copyright 2010, SecurityFocus