Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-3956
HistoryJul 31, 2013 - 1:20 p.m.

CVE-2013-3956

2013-07-3113:20:28
CWE-264
[email protected]
web.nvd.nist.gov
7

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON

The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.

Affected configurations

Nvd
Node
novellclientMatch4.91sp5
AND
microsoftwindows_2003_server
OR
microsoftwindows_xp
Node
novellclientMatch2.0sp2
AND
microsoftwindows_server_2008Match-
OR
microsoftwindows_vista
Node
novellclientMatch2.0sp3
AND
microsoftwindows_7
OR
microsoftwindows_8Match--x64
OR
microsoftwindows_8Match--x86
OR
microsoftwindows_server_2008Matchr2
VendorProductVersionCPE
novellclient4.91cpe:2.3:a:novell:client:4.91:sp5:*:*:*:*:*:*
microsoftwindows_2003_server*cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
novellclient2.0cpe:2.3:a:novell:client:2.0:sp2:*:*:*:*:*:*
microsoftwindows_server_2008-cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*
microsoftwindows_vista*cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
novellclient2.0cpe:2.3:a:novell:client:2.0:sp3:*:*:*:*:*:*
microsoftwindows_7*cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
microsoftwindows_8-cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*
microsoftwindows_8-cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*
Rows per page:
1-10 of 111

Related

metasploit 1
exploitdb 2
cve 1
prion 1
canvas 1
cvelist 1
nessus 1
mmpc 1
mssecure 2
threatpost 1
rapid7blog 1
metasploit
metasploit
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
2013-06-25 04:51:28
exploitdb
exploitdb
Novell Client 2 SP3 - 'nicm.sys' Local Privilege Escalation (Metasploit)
2013-06-26 00:00:00
Novell Client 2 SP3 - 'nicm.sys 3.1.11.0' Local Privilege Escalation
2013-07-29 00:00:00
cve
cve
CVE-2013-3956
2013-07-31 13:20:28
prion
prion
Code injection
2013-07-31 13:20:00
canvas
canvas
Immunity Canvas: NOVELL_NICM
2013-07-31 13:20:00
cvelist
cvelist
CVE-2013-3956
2013-07-31 10:00:00
nessus
nessus
Novell Client / Client 2 Multiple Vulnerabilities
2013-09-03 00:00:00
mmpc
mmpc
Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center
2021-12-08 17:00:58
mssecure
mssecure
Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center
2021-12-08 17:00:58
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
2020-03-17 16:00:49
threatpost
threatpost
BYO-Bug Tactic Attacks Windows Kernel with Outdated Driver
2020-02-10 21:07:34
rapid7blog
rapid7blog
Driver-Based Attacks: Past and Present
2021-12-13 14:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON
Related for NVD:CVE-2013-3956
metasploit1exploitdb2cve1prion1canvas1cvelist1nessus1mmpc1mssecure2threatpost1rapid7blog1