Vulnerability Description
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Client | 4.91 |
Related Weaknesses (CWE)
References
- http://download.novell.com/Download?buildid=VOXNZb-6t_g~Patch
- http://osvdb.org/37321
- http://secunia.com/advisories/26374PatchVendor Advisory
- http://secunia.com/secunia_research/2007-57/advisory/PatchVendor Advisory
- http://securitytracker.com/id?1018623Patch
- http://www.securityfocus.com/bid/25474Patch
- http://www.vupen.com/english/advisories/2007/3006Vendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-07-045/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35824
- http://download.novell.com/Download?buildid=VOXNZb-6t_g~Patch
- http://osvdb.org/37321
- http://secunia.com/advisories/26374PatchVendor Advisory
- http://secunia.com/secunia_research/2007-57/advisory/PatchVendor Advisory
- http://securitytracker.com/id?1018623Patch
- http://www.securityfocus.com/bid/25474Patch
FAQ
What is CVE-2007-2954?
CVE-2007-2954 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments...
How severe is CVE-2007-2954?
CVE-2007-2954 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2954?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Client.