CVE-2009-0192

Currently unrated

Key Information:

Vendor: Novell
Status: Edirectory
Vendor: CVE Published:; 14 July 2009

Summary

Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.

References

http://secunia.com/advisories/34160

third-party-advisoryx_refsource_SECUNIA

http://www.novell.com/support/viewContent.do?externalId=3...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/51703

vdb-entryx_refsource_XF

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 14, 2009
Vulnerability Reserved
Jan 20, 2009

Collectors

NVD DatabaseMitre Database