CVE-2008-2069

Novell GroupWise 7 - Buffer Overflow via Long Argument in mailto: URI

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2069. PoCs published by Juan Yacubian.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in GroupWise 7.0 via a malformed 'mailto' URI scheme. The PoC generates an HTML file with an iframe containing an overly long argument, which overwrites the EIP and can lead to arbitrary code execution.

Description

Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Juan Yacubian · textdoswindows

https://www.exploit-db.com/exploits/5515

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in GroupWise 7.0 via a malformed 'mailto' URI scheme. The PoC generates an HTML file with an iframe containing an overly long argument, which overwrites the EIP and can lead to arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: GroupWise 7.0

No auth needed

Prerequisites: GroupWise 7.0 as default mail client · Victim to open the crafted HTML file

MITRE ATT&CK