Unrated severityNVD Advisory· Published Oct 8, 2011· Updated Apr 29, 2026

CVE-2011-0333

Description

Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."

Affected products

Novell/Groupwise3 versions
cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.0:hp1:*:*:*:*:*:*
- cpe:2.3:a:novell:groupwise:8.0:hp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/secunia_research/2011-66/nvdVendor Advisory
www.novell.com/support/viewContent.donvdVendor Advisory
bugzilla.novell.com/show_bug.cginvd
labs.idefense.com/verisign/intelligence/2009/vulnerabilities/display.phpnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000