Vulnerability Details CVE-2009-4486
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.105
EPSS Ranking 92.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/61584
- http://secunia.com/advisories/38030
- http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
- http://www.securityfocus.com/bid/37672
- http://www.vupen.com/english/advisories/2010/0074
- http://www.zerodayinitiative.com/advisories/ZDI-10-001/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55468
- http://osvdb.org/61584
- http://secunia.com/advisories/38030
- http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
- http://www.securityfocus.com/bid/37672
- http://www.vupen.com/english/advisories/2010/0074
- http://www.zerodayinitiative.com/advisories/ZDI-10-001/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55468
Products affected by CVE-2009-4486
-
cpe:2.3:a:novell:imanager:-
-
cpe:2.3:a:novell:imanager:1.5
-
cpe:2.3:a:novell:imanager:2.0
-
cpe:2.3:a:novell:imanager:2.0.2
-
cpe:2.3:a:novell:imanager:2.5
-
cpe:2.3:a:novell:imanager:2.6.0
-
cpe:2.3:a:novell:imanager:2.7
-
cpe:2.3:a:novell:imanager:2.7.1
-
cpe:2.3:a:novell:imanager:2.7.2