CVE-2007-2954 in Clientinfo

Summary

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Reservation

05/31/2007

Disclosure

08/31/2007

Moderation

VulDB entry created

Entries

VDB-38596

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

10.0

EPSS

0.22809

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-2954
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2954
CVE Details	https://www.cvedetails.com/cve/CVE-2007-2954/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!