CVE-2009-0895

Publication date

2009-12-03 17:00:00

Family

mitre

State

PUBLISHED

Description

Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow.