Vulnerabilities > Novell > Client
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-12-22 | CVE-2013-3705 | Improper Input Validation vulnerability in Novell Client 2.0 The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL. | 4.9 |
| 2013-07-31 | CVE-2013-3956 | Permissions, Privileges, and Access Controls vulnerability in Novell Client 2.0/4.91 The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call. | 7.2 |
| 2013-07-31 | CVE-2013-3697 | Numeric Errors vulnerability in Novell Client 2.0/4.91 Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call. | 7.2 |
| 2008-05-12 | CVE-2008-2145 | Buffer Errors vulnerability in Novell Client 4.91 Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog. | 7.2 |
| 2008-02-13 | CVE-2008-0639 | Buffer Errors vulnerability in Novell Client 4.91 Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. | 10.0 |
| 2008-02-13 | CVE-2007-6701 | Buffer Errors vulnerability in Novell Client 4.91 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954. | 10.0 |
| 2007-11-14 | CVE-2007-5667 | Improper Input Validation vulnerability in Novell Client 4.91 NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations. | 7.2 |
| 2007-08-31 | CVE-2007-2954 | Buffer Errors vulnerability in Novell Client 4.91 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854. | 10.0 |
| 2007-06-18 | CVE-2007-3207 | Remote Denial Of Service vulnerability in Novell Client 6.5Sp6 Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request. network novell | 7.1 |
| 2007-01-09 | CVE-2007-0108 | Unspecified vulnerability in Novell Client 4.91 nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles. network novell | 6.0 |