Description
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
References (7)
Core 7
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43589
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-08-041/
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30938
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1020431
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30085
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1999
Scores
EPSS
0.2076
EPSS Percentile
95.7%
Details
CWE
CWE-189
Status
published
Products (2)
novell/edirectory
8.7.3
novell/edirectory
8.8
Published
Jul 14, 2008
Tracked Since
Feb 18, 2026