Intrusion Prevention

Novell.GroupWise.Client.Windows.ActiveX.Code.Execution

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in Novell GroupWise Client for Windows.
The vulnerability, which is located in the "gwcls1.dll" ActiveX control, can be exploited through misuse of "pXPItem" property. It may allow remote attackers to execute arbitrary code in the context of the application, using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a denial of service condition.

Affected Products

Novell GroupWise Client for Windows 2012 prior to SP1 Hot Patch 1
Novell GroupWise Client for Windows 8.0x prior to 8.0.3 Hot Patch 2

Impact

System Compromise: Remote attackers can execute arbitrary code within the context of the targeted user.

Recommended Actions

Refer to the vendor's website for patch.
http://www.novell.com/support/kb/doc.php?id=7011688

CVE References

CVE-2012-0439