CVE-2010-4711

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.

Affected Software

Name	Vendor	Start Version	End Version
Groupwise	Novell	*	8.0.2 (including)
Groupwise	Novell	4.1 (including)	4.1 (including)
Groupwise	Novell	4.1a (including)	4.1a (including)
Groupwise	Novell	5.0 (including)	5.0 (including)
Groupwise	Novell	5.1 (including)	5.1 (including)
Groupwise	Novell	5.2 (including)	5.2 (including)
Groupwise	Novell	5.5 (including)	5.5 (including)
Groupwise	Novell	5.57e (including)	5.57e (including)
Groupwise	Novell	6.0 (including)	6.0 (including)
Groupwise	Novell	6.0-sp1 (including)	6.0-sp1 (including)
Groupwise	Novell	6.0-sp5 (including)	6.0-sp5 (including)
Groupwise	Novell	6.0.1-sp1 (including)	6.0.1-sp1 (including)
Groupwise	Novell	6.5 (including)	6.5 (including)
Groupwise	Novell	6.5-sp1 (including)	6.5-sp1 (including)
Groupwise	Novell	6.5-sp2 (including)	6.5-sp2 (including)
Groupwise	Novell	6.5-sp3 (including)	6.5-sp3 (including)
Groupwise	Novell	6.5-sp4 (including)	6.5-sp4 (including)
Groupwise	Novell	6.5-sp5 (including)	6.5-sp5 (including)
Groupwise	Novell	6.5-sp6 (including)	6.5-sp6 (including)
Groupwise	Novell	6.5.2 (including)	6.5.2 (including)
Groupwise	Novell	6.5.3 (including)	6.5.3 (including)
Groupwise	Novell	6.5.4 (including)	6.5.4 (including)
Groupwise	Novell	6.5.6 (including)	6.5.6 (including)
Groupwise	Novell	6.5.7 (including)	6.5.7 (including)
Groupwise	Novell	7.0 (including)	7.0 (including)
Groupwise	Novell	7.0.1 (including)	7.0.1 (including)
Groupwise	Novell	7.0.2 (including)	7.0.2 (including)
Groupwise	Novell	7.0.3 (including)	7.0.3 (including)
Groupwise	Novell	7.0.4 (including)	7.0.4 (including)
Groupwise	Novell	8.0 (including)	8.0 (including)
Groupwise	Novell	8.0.1 (including)	8.0.1 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-4711
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References