CVE-2009-0192 Information

Description

Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3 8.8 SP3 FTF3 and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header which triggers a stack-based buffer overflow.

Reference

http://osvdb.org/55847 http://secunia.com/advisories/34160 http://secunia.com/secunia_research/2009-13/ http://www.novell.com/support/viewContent.do?externalId=3426981 http://www.securityfocus.com/archive/1/504924/100/0/threaded http://www.securityfocus.com/bid/35666 http://www.vupen.com/english/advisories/2009/1883 https://exchange.xforce.ibmcloud.com/vulnerabilities/51703