Security Vulnerability: Novell Messenger Client for Windows Buffer Overflow Vulnerability

  • 7011935
  • 13-Mar-2013
  • 14-Mar-2013


Affected versions:
Novell Messenger 2.2.1 (and earlier)
Novell Messenger 2.1 (and earlier)
GroupWise Messenger 2.04 (and earlier)


The Novell Messenger client for Windows is vulnerable to a buffer overflow vulnerability that could be exploited by a remote attacker to execute arbitrary code on vulnerable workstations.

This vulnerability was discovered and reported by Luigi Auriemma working with HP Enterprise Security's Zero Day Initiative (, ZDI-CAN-1339

Novell bug 777352, CVE-2013-1085


To resolve this issue, upgrade your Novell Messenger clients for Windows to version 2.2.2 (or higher).

Bug Number