Vulnerability Details CVE-2007-6701
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.406
EPSS Ranking 97.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html
- http://secunia.com/advisories/26238
- http://securitytracker.com/id?1018471
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html
- http://www.securityfocus.com/bid/25092
- http://www.zerodayinitiative.com/advisories/ZDI-07-045.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35653
- http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html
- http://secunia.com/advisories/26238
- http://securitytracker.com/id?1018471
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html
- http://www.securityfocus.com/bid/25092
- http://www.zerodayinitiative.com/advisories/ZDI-07-045.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35653
Products affected by CVE-2007-6701
-
cpe:2.3:a:novell:client:4.91
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista