[email protected]CVE-2007-2954

HistoryAug 31, 2007 - 10:17 p.m.

CVE-2007-2954

2007-08-3122:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-2954

buffer overflow

novell client

remote code execution

nvd

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.928 High

EPSS

Percentile

99.0%

JSON

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Affected configurations

NVD

Node

novellclientMatch4.91sp2

novellclientMatch4.91sp3

novellclientMatch4.91sp4

CPENameOperatorVersion
novell:clientnovell clienteq4.91

CPE	Name	Operator	Version
novell:client	novell client	eq	4.91

References

download.novell.com/Download?buildid=VOXNZb-6t_g~

osvdb.org/37321

secunia.com/advisories/26374

secunia.com/secunia_research/2007-57/advisory/

securitytracker.com/id?1018623

www.securityfocus.com/bid/25474

www.vupen.com/english/advisories/2007/3006

www.zerodayinitiative.com/advisories/ZDI-07-045/

exchange.xforce.ibmcloud.com/vulnerabilities/35824

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.928 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2007-2954

nvd6 prion4 cvelist5 nessus2 zdi2 canvas2 cve5 saint4 seebug3 cert1 exploitpack3 securityvulns3 checkpoint_advisories1 exploitdb3