CVE-2012-0271

Novell GroupWise <8.0.3-2012.SP1 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0271. PoCs published by Francis Provencher.

AI-analyzed exploit summary This exploit triggers an integer overflow in Novell GroupWise Internet Agent (gwia.exe) by sending a crafted HTTP request with a negative Content-Length header, leading to a heap-based buffer overflow. The PoC demonstrates the vulnerability but does not include a payload for arbitrary code execution.

Description

Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/21326

View Code ZIP pw:eip

This exploit triggers an integer overflow in Novell GroupWise Internet Agent (gwia.exe) by sending a crafted HTTP request with a negative Content-Length header, leading to a heap-based buffer overflow. The PoC demonstrates the vulnerability but does not include a payload for arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Novell GroupWise 8.0.2 HP3 and 2012

No auth needed

Prerequisites: Network access to the GroupWise Internet Agent (TCP port 9850)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

http://www.novell.com/support/kb/doc.php?id=7010769

Exploit x_refsource_misc

http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=61&Itemid=61

Issue Tracking x_refsource_confirm

https://bugzilla.novell.com/show_bug.cgi?id=746199

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/85426

Scores

EPSS 0.1709

EPSS Percentile 96.7%

Details

CWE

CWE-189

Status published

Products (22)

novell/groupwise 8.0

novell/groupwise 8.01 (2 CPE variants)

novell/groupwise 8.02 (4 CPE variants)

novell/groupwise 8.03

novell/groupwise 2012

novell/groupwise 5.2

novell/groupwise 5.5

novell/groupwise 5.57e

novell/groupwise 6.0

novell/groupwise 6.0.1 sp1

... and 12 more

Published Sep 19, 2012

Tracked Since Feb 18, 2026