Lucene search

[email protected]CVE-2013-3697

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-3697

2022-10-0316:14:46

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-3697

integer overflow

nwfs.sys

kernel driver

novell client

windows xp

windows server 2003

windows vista

windows server 2008

windows server 2008 r2

windows 7

windows 8

windows server 2012

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.0%

JSON

Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.

Affected configurations

NVD

Node

novellclientMatch4.91sp5

AND

microsoftwindows_2003_server

microsoftwindows_xp

Node

novellclientMatch2.0sp2

AND

microsoftwindows_server_2008Match-

microsoftwindows_vista

Node

novellclientMatch2.0sp3

AND

microsoftwindows_7

microsoftwindows_8Match--x64

microsoftwindows_8Match--x86

microsoftwindows_server_2008Matchr2

CPENameOperatorVersion
novell:clientnovell clienteq4.91

CPE	Name	Operator	Version
novell:client	novell client	eq	4.91

References

pastebin.com/RcS2Bucg

www.novell.com/support/kb/doc.php?id=7012497

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.0%

JSON

Related for CVE-2013-3697

prion1 nvd1 cvelist1 nessus1