CVE

Id
37627  
CVE No.
CVE-2009-0192  
Status
Candidate  
Description
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.  
Phase
Assigned (20090120)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
408528 37627 CVE-2009-0192 BUGTRAQ:20090714 Secunia Research: Novell eDirectory iMonitor "Accept-Language" Buffer Overflow  View
408529 37627 CVE-2009-0192 URL:http://www.securityfocus.com/archive/1/archive/1/504924/100/0/threaded  View
408530 37627 CVE-2009-0192 MISC:http://secunia.com/secunia_research/2009-13/  View
408531 37627 CVE-2009-0192 CONFIRM:http://www.novell.com/support/viewContent.do?externalId=3426981  View
408532 37627 CVE-2009-0192 BID:35666  View
408533 37627 CVE-2009-0192 URL:http://www.securityfocus.com/bid/35666  View
408534 37627 CVE-2009-0192 OSVDB:55847  View
408535 37627 CVE-2009-0192 URL:http://osvdb.org/55847  View
408536 37627 CVE-2009-0192 SECUNIA:34160  View
408537 37627 CVE-2009-0192 URL:http://secunia.com/advisories/34160  View
408538 37627 CVE-2009-0192 VUPEN:ADV-2009-1883  View
408539 37627 CVE-2009-0192 URL:http://www.vupen.com/english/advisories/2009/1883  View
408540 37627 CVE-2009-0192 XF:edirectory-imonitor-acceptlanguage-bo(51703)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
40249 JVNDB-2009-001255 Ghostscript の big2_decode_symbol_dict 関数におけるバッファオーバーフローの脆弱性 Ghostscript の JBIG2 decoding ライブラリ (jbig2dec) にある big2_decode_symbol_dict 関数には、PDF ファイルの処理に不備があるため、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2009-0196 37627 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001255.html  View