Page 87 of 671 results (0.007 seconds)

CVSS: 10.0EPSS: 0%CPEs: 42EXPL: 0

Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors. Desbordamiento de búfer basado en montículo en el servicio NDS en Novell eDirectory versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos. • http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020787 http://www.vupen.com/english/advisories/2008/2462 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 43EXPL: 0

Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. Desbordamiento de búfer basado en montículo en la pila del protocolo HTTP en Novell eDirectory (HTTPSTK) versiones anteriores a v8.8 SP3 tiene un impacto y vectores de ataque desconocidos relaciona a (1) cabeceras del lenguaje HTTP y (2) cabeceras "content-length" HTTP. • http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020786 http://www.vupen.com/english/advisories/2008/2462 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 42EXPL: 0

Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el protocolo HTTP Stack (HTTPSTK) en Novell eDirectory versiones anteriores a v8.8 SP3 permite a atacantes remotos inyectar web script o HTML a través de vectores deconocidos. • http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020785 http://www.vupen.com/english/advisories/2008/2462 https://exchange.xforce.ibmcloud.com/vulnerabilities/46667 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Novell User Application v3.0.1, v3.5.0, y v3.5.1; y Identity Manager Roles Based Provisioning Module v3.6.0 y v3.6.1 permite a atacantes remotos inyectar web script o HTML a través de vectores desconocidos. • http://www.novell.com/support/viewContent.do?externalId=7001157&sliceId=1 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020792 http://www.securitytracker.com/id?1020793 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 1%CPEs: 41EXPL: 0

Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." Un desbordamiento de búfer en el Servicio LDAP en eDirectory de Novell versiones 8.7.3 anteriores a SP10a y versiones 8.8 anteriores a SP3, permite a los atacantes causar una denegación de servicio (bloqueo de aplicación) por medio de vectores que implica un "invalid extensibleMatch filter". • http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.novell.com/support/viewContent.do?externalId=3477912 http://www.securityfocus.com/bid/30947 http://www.securitytracker.com/id?1020788 http://www.vupen.com/english/advisories/2008/2462 https://bugzilla.novell.com/show_bug.cgi?id=373853 https://exchange.xforce.ibmcloud.com/vulnerabilities/43590 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •