Intrusion Prevention

Novell.GroupWise.iCal.RRULE.Time.Conversion.Invalid.Array.Index

Description

This indicates an attack attempt against a Memory Corruption vulnerability in Novell GroupWise Internet Agent.
The vulnerability is caused by an error when the vulnerable software handles an "iCal" file that includes a malicious parameter. It may allow remote attackers to execute arbitrary code by sending a crafted "iCal" file.

Affected Products

Novell Groupwise prior to 8.02 HP3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply fixes or patches from the vendor, available from the website:
http://www.novell.com/support/viewContent.do?externalId=7009216

CVE References

CVE-2011-2663

Other References

TSL2011100