CVE-2008-4478
published 2008-10-14CVE-2008-4478: Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code…
critical10CVSS 3.1
AVNACLAuNCCICAC
Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | edirectory | <= 8.7.3.10 | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |
| novell | edirectory | — | — |