Novell eDirectory Multiple Buffer Overflow And Cross-Site Scripting Vulnerabilities
Novell eDirectory is prone to multiple buffer-overflow and multiple cross-site scripting vulnerabilities.
Successful exploits of buffer-overflow vulnerabilities may allow attackers to execute arbitrary code in the context of the application. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.
Exploiting cross-site scripting vulnerabilities may allow an attacker to steal cookie-based information or execute script code in the context of the browser of an unsuspecting user.
Versions prior to Novell eDirectory 8.8 SP3 are vulnerable.