CVE-2008-4480
published 2008-10-14CVE-2008-4480: Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary…
critical10CVSS 3.1
AVNACLAuNCCICAC
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | edirectory | >= 8.7.3 < 8.7.3.10 | 8.7.3.10 |
| novell | edirectory | >= 8.8 < 8.8.3 | 8.8.3 |