CVE-2007-5762

{"id": "CVE-2007-5762", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-09T22:46:00.000", "references": [{"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28396", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27209", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019172", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0088", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576", "source": "cve@mitre.org"}, {"url": "http://download.novell.com/Download?buildid=4FmI89wOmg4~", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28396", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/27209", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1019172", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/0088", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39576", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\\\.\\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode."}, {"lang": "es", "value": "El controlador NICM.SYS 3.0.0.4, como el utilizado en Novell NetWare Client 4.91 SP4, permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n abriendo el dispositivo \\\\.\\nicm y proporcionando direcciones del n\u00facleo manipuladas mediante IOCTLs con modo de uso de b\u00fafer METHOD_NEITHER."}], "lastModified": "2024-11-21T00:38:38.287", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:netware_client:4.91:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D33517C1-1716-4535-8AC6-FE6490FC5A39"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}