GCVE - cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:novell:edirectory:8.7.3.10:*:*:*:*:*:*:*

part: a version: 8.7.3.10 update: *

Vendor	Novell (`4a1c187d-e568-531f-92b0-685a3df2807c`)
Product	Edirectory (`f3d3857d-04cc-5212-b3f1-fdbdc65a2dd0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-0895`	vulnerable	2026-06-03 14:29:26.690534	Details available Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow. Published: 2009-12-03T17:00:00.000Z Updated: 2024-08-07T04:48:52.690Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2009/3379 http://www.securityfocus.com/bid/37184 https://exchange.xforce.ibmcloud.com/vulnerabilities/50616 http://www.iss.net/threats/356.html http://secunia.com/advisories/37554	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5094`	vulnerable	2026-06-03 14:29:07.482167	Details available Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors. Published: 2008-11-14T19:00:00.000Z Updated: 2024-08-07T10:40:17.038Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/30947 http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securitytracker.com/id?1020787 http://www.vupen.com/english/advisories/2008/2462	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5093`	vulnerable	2026-06-03 14:29:07.480974	Details available Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Published: 2008-11-14T19:00:00.000Z Updated: 2024-08-07T10:40:17.021Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/30947 https://exchange.xforce.ibmcloud.com/vulnerabilities/46667 http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securitytracker.com/id?1020785 http://www.vupen.com/english/advisories/2008/2462	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5092`	vulnerable	2026-06-03 14:29:07.476609	Details available Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. Published: 2008-11-14T19:00:00.000Z Updated: 2024-08-07T10:40:17.147Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/30947 http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securitytracker.com/id?1020786 http://www.vupen.com/english/advisories/2008/2462	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5091`	vulnerable	2026-06-03 14:29:07.465803	Details available Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." Published: 2008-11-14T19:00:00.000Z Updated: 2024-08-07T10:40:17.172Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/30947 http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securitytracker.com/id?1020788 https://exchange.xforce.ibmcloud.com/vulnerabilities/43590 http://www.novell.com/documentation/edir873/sp10_readme/netware/readme.txt	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.