CVE-2008-7287

CWE-3993 documents3 sources
Severity
4.0MEDIUM
EPSS
0.4%
top 41.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Directory Server
Timeline
PublishedApr 21
Latest updateMay 17

Description

Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/tivoli_directory_server5.2.0, 5.2.0.4+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-8c46-jp8j-xg8q: Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 52022-05-17
CVEList
CVE-2008-7287: Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 52011-04-21
CVE-2008-7287 (MEDIUM CVSS 4) | Multiple memory leaks in the (1) ld | cvebase.io