Test ID:	1.3.6.1.4.1.25623.1.0.800973
Category:	Buffer overflow
Title:	Novell Groupwise Client ActiveX Control Buffer Overflow Vulnerability
Summary:	Check the version of Novell Groupwise Client ActiveX control
Description:	Overview: This host is installed with Novell Groupwise Client ActiveX Control and is prone to Buffer Overflow vulnerability. Vulnerability Insight: A boundary error occurs in Novell Groupwise Client ActiveX control (gxmim1.dll) while handling overly long arguments passed to the 'SetFontFace()' method. Impact: Successful expoitation will allow remote attackers to execute arbitrary code on the affected system and may crash the client. Affected Software/OS: Novell GroupWise Client 7.0.3.1294 and prior on Windows. Fix: No solution or patch is available as of 09th November, 2009. Information regarding this issue will be updated once the solution details are available. For further updates refer, http://www.novell.com/products/groupwise/ Workaround: Set the Killbit for the vulnerable CLSID http://support.microsoft.com/kb/240797 References: http://www.milw0rm.com/exploits/9683 http://en.securitylab.ru/nvd/387373.php
Cross-Ref:	BugTraq ID: 36398 Common Vulnerability Exposure (CVE) ID: CVE-2009-3863 http://www.milw0rm.com/exploits/9683
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: