A vulnerability has been reported in in Novell GroupWise Client.
versions 8.0 through 8.02 HP3.
The vulnerability is caused due to an error when processing Novell Address Book (".nab") files and can be exploited to cause a heap-based buffer overflow via an overly long email address.
The GroupWise 8 Client for Windows is vulnerable to an exploit where a malformed address book could cause heap memory corruption, which could lead to remote code execution under the privilege of the user that opened the address book.
Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file.
Remote System Access
Update to version 8.02 post-HP3 FTF.