CVE-2014-0610

critical

Published 2014-09-05 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.novell.com/support/kb/doc.php?id=7015565

Application impact

Vendor	Product	Versions
novell	groupwise	`{"endIncluding":"8.03"}`
novell	groupwise	`8.0`
novell	groupwise	`8.00`
novell	groupwise	`8.01`
novell	groupwise	`8.02`
novell	groupwise	`8.03`
novell	groupwise	`2012`
novell	groupwise	`2014`

References

http://www.novell.com/support/kb/doc.php?id=7015565
http://www.securitytracker.com/id/1030802
https://bugzilla.novell.com/show_bug.cgi?id=874533
https://exchange.xforce.ibmcloud.com/vulnerabilities/95738
http://www.novell.com/support/kb/doc.php?id=7015565
http://www.securitytracker.com/id/1030802
https://bugzilla.novell.com/show_bug.cgi?id=874533
https://exchange.xforce.ibmcloud.com/vulnerabilities/95738

Verify integrity in audit chain (admin only). AS-IS.