CVE-2008-1809

high

Description

Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=724

http://secunia.com/advisories/31036

http://www.novell.com/support/viewContent.do?externalId=3843876

http://www.securityfocus.com/bid/30175

http://www.securitytracker.com/id?1020470

http://www.vupen.com/english/advisories/2008/2062/references

https://exchange.xforce.ibmcloud.com/vulnerabilities/43716

Details

Source: MITRE

Published: 2008-07-14

Updated: 2017-08-08

Type: CWE-119

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH