|Check Point Reference:||CPAI-2012-174|
|Date Published:||14 May 2012|
|Protection Provided by:||
|Who is Vulnerable?||Novell GroupWise Messenger 2.1.0 and prior|
|Vulnerability Description||A heap memory corruption vulnerability has been reported in Novell GroupWise Messenger.|
|Vulnerability Details||The vulnerability is caused by an incorrect type value while handling objects posted to the createsearch page. A remote attacker may exploit this issue by sending a specially crafted request to the target service. Successful exploitation would allow an attacker to execute arbitrary code on the target service.|
This protection will detect and block specially crafted requests.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
SmartView Tracker will log the following entries:
Attack Name: Instant Messenger
Attack Information: Novell GroupWise Messenger nmma.exe createsearch Memory Corruption