Vulnerability Description
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netware Client | 4.91 |
Related Weaknesses (CWE)
References
- http://download.novell.com/Download?buildid=4FmI89wOmg4~Patch
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637Patch
- http://secunia.com/advisories/28396Vendor Advisory
- http://www.securityfocus.com/bid/27209Patch
- http://www.securitytracker.com/id?1019172
- http://www.vupen.com/english/advisories/2008/0088
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39576
- http://download.novell.com/Download?buildid=4FmI89wOmg4~Patch
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637Patch
- http://secunia.com/advisories/28396Vendor Advisory
- http://www.securityfocus.com/bid/27209Patch
- http://www.securitytracker.com/id?1019172
- http://www.vupen.com/english/advisories/2008/0088
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39576
FAQ
What is CVE-2007-5762?
CVE-2007-5762 is a vulnerability with a CVSS score of 7.2 (HIGH). NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with t...
How severe is CVE-2007-5762?
CVE-2007-5762 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5762?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netware Client.