Vulnerabilities > Novell > Client > 4.91
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-07-31 | CVE-2013-3956 | Permissions, Privileges, and Access Controls vulnerability in Novell Client 2.0/4.91 The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call. | 7.2 |
| 2013-07-31 | CVE-2013-3697 | Numeric Errors vulnerability in Novell Client 2.0/4.91 Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call. | 7.2 |
| 2008-05-12 | CVE-2008-2145 | Buffer Errors vulnerability in Novell Client 4.91 Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog. | 7.2 |
| 2008-02-13 | CVE-2008-0639 | Buffer Errors vulnerability in Novell Client 4.91 Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. | 10.0 |
| 2008-02-13 | CVE-2007-6701 | Buffer Errors vulnerability in Novell Client 4.91 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954. | 10.0 |
| 2007-11-14 | CVE-2007-5667 | Improper Input Validation vulnerability in Novell Client 4.91 NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations. | 7.2 |
| 2007-08-31 | CVE-2007-2954 | Buffer Errors vulnerability in Novell Client 4.91 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854. | 10.0 |
| 2007-01-09 | CVE-2007-0108 | Unspecified vulnerability in Novell Client 4.91 nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles. network novell | 6.0 |
| 2006-12-10 | CVE-2006-6443 | Buffer Overflow vulnerability in Novell Client 4.91 Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors. | 10.0 |
| 2006-12-05 | CVE-2006-6307 | Remote Denial of Service vulnerability in Novell Client 4.91 srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary. | 5.0 |