CVE-2012-0439

Novell GroupWise <8.0.3-2012.SP1 - RCE

Title source: llm

Description

An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the SetEngine method or (2) an XPItem pointer argument to an unspecified method.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/24490

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novell_groupwise_gwcls1_actvx.rb

View Code ZIP pw:eip

References (4)

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-13-008/

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=743674

[Issue Tracking] https://bugzilla.novell.com/show_bug.cgi?id=712144

[Vendor Advisory] http://www.novell.com/support/kb/doc.php?id=7011688

Scores

EPSS 0.6830

EPSS Percentile 98.6%

Details

CWE

CWE-94

Status published

Products (6)

novell/groupwise 8.0

novell/groupwise 8.00 hp1 (3 CPE variants)

novell/groupwise 8.01 (2 CPE variants)

novell/groupwise 8.02 (4 CPE variants)

novell/groupwise 8.03 (2 CPE variants)

novell/groupwise 2012 (2 CPE variants)

Published Feb 24, 2013

Tracked Since Feb 18, 2026