CVE-2007-2954

Опубликовано: 31 авг. 2007

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Ссылки

http://download.novell.com/Download?buildid=VOXNZb-6t_g~
Patch
http://osvdb.org/37321
http://secunia.com/advisories/26374
Patch
Vendor Advisory
http://secunia.com/secunia_research/2007-57/advisory/
Patch
Vendor Advisory
http://securitytracker.com/id?1018623
Patch
http://www.securityfocus.com/bid/25474
Patch
http://www.vupen.com/english/advisories/2007/3006
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-07-045/
https://exchange.xforce.ibmcloud.com/vulnerabilities/35824
http://download.novell.com/Download?buildid=VOXNZb-6t_g~
Patch
http://osvdb.org/37321
http://secunia.com/advisories/26374
Patch
Vendor Advisory
http://secunia.com/secunia_research/2007-57/advisory/
Patch
Vendor Advisory
http://securitytracker.com/id?1018623
Patch
http://www.securityfocus.com/bid/25474
Patch
http://www.vupen.com/english/advisories/2007/3006
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-07-045/
https://exchange.xforce.ibmcloud.com/vulnerabilities/35824

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*

cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*

cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.22809

Средний

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-mwg2-x42f-3jxf

github

почти 4 года назад