CVE-2008-3159

EUVD-2008-3149
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
novelledirectory
8.7.3
novelledirectory
8.8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30938
http://securitytracker.com/id?1020431
http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
http://www.securityfocus.com/bid/30085
http://www.vupen.com/english/advisories/2008/1999
http://www.zerodayinitiative.com/advisories/ZDI-08-041/
https://exchange.xforce.ibmcloud.com/vulnerabilities/43589
http://secunia.com/advisories/30938
http://securitytracker.com/id?1020431
http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
http://www.securityfocus.com/bid/30085
http://www.vupen.com/english/advisories/2008/1999
http://www.zerodayinitiative.com/advisories/ZDI-08-041/
https://exchange.xforce.ibmcloud.com/vulnerabilities/43589