Vulnerabilities (CVE)

Filtered by vendor Novell Subscribe
Filtered by product Client
Total 16 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-3697 2 Microsoft, Novell 7 Windows 2003 Server, Windows 7, Windows 8 and 4 more 2024-02-04 7.2 HIGH N/A
Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.
CVE-2013-3705 1 Novell 1 Client 2024-02-04 4.9 MEDIUM N/A
The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.
CVE-2013-3956 2 Microsoft, Novell 7 Windows 2003 Server, Windows 7, Windows 8 and 4 more 2024-02-04 7.2 HIGH N/A
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
CVE-2008-2145 1 Novell 1 Client 2024-02-04 7.2 HIGH N/A
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
CVE-2007-5667 2 Microsoft, Novell 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more 2024-02-04 7.2 HIGH N/A
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
CVE-2007-6701 2 Microsoft, Novell 2 Windows, Client 2024-02-04 10.0 HIGH N/A
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
CVE-2007-3207 1 Novell 1 Client 2024-02-04 7.1 HIGH N/A
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
CVE-2006-6306 1 Novell 1 Client 2024-02-04 1.2 LOW N/A
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
CVE-2007-2954 1 Novell 1 Client 2024-02-04 10.0 HIGH N/A
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
CVE-2006-6307 1 Novell 1 Client 2024-02-04 5.0 MEDIUM N/A
srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.
CVE-2007-0108 1 Novell 1 Client 2024-02-04 6.0 MEDIUM N/A
nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.
CVE-2006-6443 1 Novell 1 Client 2024-02-04 10.0 HIGH N/A
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
CVE-2008-0639 2 Microsoft, Novell 2 Windows, Client 2024-02-04 10.0 HIGH N/A
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
CVE-2006-2612 1 Novell 1 Client 2024-02-04 2.1 LOW N/A
Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt.
CVE-2006-2304 1 Novell 1 Client 2024-02-04 10.0 HIGH N/A
Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.
CVE-2000-0793 2 Novell, Symantec 2 Client, Norton Antivirus 2024-02-04 10.0 HIGH N/A
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.