NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
References
Configurations
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://download.novell.com/Download?buildid=4FmI89wOmg4~ - Patch | |
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637 - Patch | |
References | () http://secunia.com/advisories/28396 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/27209 - Patch | |
References | () http://www.securitytracker.com/id?1019172 - | |
References | () http://www.vupen.com/english/advisories/2008/0088 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39576 - |
Information
Published : 2008-01-09 22:46
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5762
Mitre link : CVE-2007-5762
CVE.ORG link : CVE-2007-5762
JSON object : View
Products Affected
novell
- netware_client
CWE
CWE-20
Improper Input Validation