Vulnerability Description
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Imanager | <= 2.7.2 |
Related Weaknesses (CWE)
References
- http://osvdb.org/61584
- http://secunia.com/advisories/38030
- http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
- http://www.securityfocus.com/bid/37672Patch
- http://www.vupen.com/english/advisories/2010/0074
- http://www.zerodayinitiative.com/advisories/ZDI-10-001/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55468
- http://osvdb.org/61584
- http://secunia.com/advisories/38030
- http://www.novell.com/support/viewContent.do?externalId=7004985&sliceId=1
- http://www.securityfocus.com/bid/37672Patch
- http://www.vupen.com/english/advisories/2010/0074
- http://www.zerodayinitiative.com/advisories/ZDI-10-001/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55468
FAQ
What is CVE-2009-4486?
CVE-2009-4486 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-app...
How severe is CVE-2009-4486?
CVE-2009-4486 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4486?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Imanager.