D12-3bm01
CVSS:
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2012
Description
This strike exploits a buffer overflow vulnerability in Novell Groupwise.
The vulnerability is due to failure to validate token values when parsing Novell Address Book (.nab) files.
By enticing a user to open a crafted file with the vulnerabile application, an attacker could execute arbitrary code on the user's system.