Vulnerability Details CVE-2008-3159
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.151
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/30938
- http://securitytracker.com/id?1020431
- http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
- http://www.securityfocus.com/bid/30085
- http://www.vupen.com/english/advisories/2008/1999
- http://www.zerodayinitiative.com/advisories/ZDI-08-041/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43589
- http://secunia.com/advisories/30938
- http://securitytracker.com/id?1020431
- http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
- http://www.securityfocus.com/bid/30085
- http://www.vupen.com/english/advisories/2008/1999
- http://www.zerodayinitiative.com/advisories/ZDI-08-041/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43589
Products affected by CVE-2008-3159
-
cpe:2.3:a:novell:edirectory:8.7.3
-
cpe:2.3:a:novell:edirectory:8.8