Stack-Based Buffer Overflow in Novell iManager eDirectory Plugin
CVE-2009-4486

Currently unrated

Key Information:

Vendor: Novell
Status: Imanager
Vendor: CVE Published:; 8 January 2010

What is CVE-2009-4486?

A stack-based buffer overflow vulnerability exists in the eDirectory plugin of Novell iManager prior to version 2.7.3. This weakness allows remote attackers to exploit the system by sending lengthy arguments to an unspecified sub-application during the import and export processes associated with the schema, potentially leading to arbitrary code execution. It is crucial to apply necessary updates to mitigate the risk of exploitation.

References

http://secunia.com/advisories/38030

third-party-advisoryx_refsource_SECUNIA

http://www.novell.com/support/viewContent.do?externalId=7...

x_refsource_CONFIRM

http://osvdb.org/61584

vdb-entryx_refsource_OSVDB

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2010
Vulnerability Reserved
Dec 30, 2009