CVE-2008-4479

Currently unrated

Key Information:

Vendor
Novell
Status
Edirectory
Vendor
CVE Published:
14 October 2008

Summary

Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header.

References

http://www.novell.com/support/php/search.do?cmd=displayKC...
x_refsource_CONFIRM
http://www.securitytracker.com/id?1020989
vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2008/2738
vdb-entryx_refsource_VUPEN

EPSS Score

79% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.