DescriptionHeap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- TID7009208, published Sat May 19 21:50:36 CEST 2018