CVE-2008-3159

high

Description

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."

References

http://secunia.com/advisories/30938

http://securitytracker.com/id?1020431

http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858

http://www.securityfocus.com/bid/30085

http://www.vupen.com/english/advisories/2008/1999

http://www.zerodayinitiative.com/advisories/ZDI-08-041/

https://exchange.xforce.ibmcloud.com/vulnerabilities/43589

Details

Source: MITRE

Published: 2008-07-14

Updated: 2017-08-08

Type: CWE-189

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH