Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0432Improper Restriction of Operations within the Bounds of a Memory Buffer in Edirectory

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources
Severity
10.0CRITICALNVD
EPSS
85.2%
top 0.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microfocus Edirectory
Timeline
PublishedDec 25
Latest updateMay 4

Description

Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmicrofocus/edirectory8.8.7.0, 8.8.7.1+1

🔴Vulnerability Details

2
GHSA
GHSA-h43q-vm38-cg3c: Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 82022-05-04
CVEList
CVE-2012-0432: Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 82012-12-25

💥Exploits & PoCs

2
Exploit-DB
Novell eDirectory 8 - Remote Buffer Overflow (Metasploit)2013-01-24
Exploit-DB
Novell NCP - Remote Command Execution2013-01-18
CVE-2012-0432 — Microfocus Edirectory vulnerability | cvebase