Lucene search

K

[email protected]NVD:CVE-2007-2954

HistoryAug 31, 2007 - 10:17 p.m.

CVE-2007-2954

2007-08-3122:17:00

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.928 High

EPSS

Percentile

99.0%

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Affected configurations

NVD

Node

novellclientMatch4.91sp2

OR

novellclientMatch4.91sp3

OR

novellclientMatch4.91sp4

References

download.novell.com/Download?buildid=VOXNZb-6t_g~

osvdb.org/37321

secunia.com/advisories/26374

secunia.com/secunia_research/2007-57/advisory/

securitytracker.com/id?1018623

www.securityfocus.com/bid/25474

www.vupen.com/english/advisories/2007/3006

www.zerodayinitiative.com/advisories/ZDI-07-045/

exchange.xforce.ibmcloud.com/vulnerabilities/35824

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.928 High

EPSS

Percentile

99.0%

Related for NVD:CVE-2007-2954

cve6 prion4 cvelist5 saint4 seebug3 zdi2 exploitpack3 securityvulns3 nvd5 checkpoint_advisories1 nessus2 canvas2 cert1 exploitdb3