5

CVE-2009-0192

Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NovellEdirectory Version8.8 Updatesp3
NovellEdirectory Version8.8 Updatesp3 Editionftf3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.27% 0.957
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.novell.com/support/viewContent.do?externalId=3426981
http://osvdb.org/55847
http://secunia.com/advisories/34160
Vendor Advisory
http://secunia.com/secunia_research/2009-13/
Vendor Advisory
http://www.securityfocus.com/archive/1/504924/100/0/threaded
http://www.securityfocus.com/bid/35666
http://www.vupen.com/english/advisories/2009/1883
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/51703