CVE-2008-3159

{"id": "CVE-2008-3159", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-07-14T18:41:00.000", "references": [{"url": "http://secunia.com/advisories/30938", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1020431", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/support/search.do?cmd=displayKC&sliceId=SAL_Public&externalId=3694858", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/30085", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1999", "source": "cve@mitre.org"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-041/", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43589", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to \"flawed arithmetic.\""}, {"lang": "es", "value": "Desbordamiento de entero en ds.dlm, como el utilizado en dhost.exe de Novell eDirectory 8.7.3.10 anterior a 8.7.3 SP10b y 8.8 anterior a 8.8.2 ftf2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados que provocan un desbordamiento del b\u00fafer basado en pila. Relacionado con \"aritm\u00e9tica defectuosa\"."}], "lastModified": "2017-08-08T01:31:37.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:edirectory:8.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "029ADE6D-6761-4196-847C-A0EFB3A06341"}, {"criteria": "cpe:2.3:a:novell:edirectory:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7548D05-AD2B-46C3-9036-366585FFCB48"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}