Vulnerability Description
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows | All versions |
| Novell | Client | 4.91 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html
- http://secunia.com/advisories/26238PatchVendor Advisory
- http://securitytracker.com/id?1018471
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.
- http://www.securityfocus.com/bid/25092ExploitPatch
- http://www.zerodayinitiative.com/advisories/ZDI-07-045.htmlPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35653
- http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html
- http://secunia.com/advisories/26238PatchVendor Advisory
- http://securitytracker.com/id?1018471
- http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.
- http://www.securityfocus.com/bid/25092ExploitPatch
- http://www.zerodayinitiative.com/advisories/ZDI-07-045.htmlPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35653
FAQ
What is CVE-2007-6701?
CVE-2007-6701 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspeci...
How severe is CVE-2007-6701?
CVE-2007-6701 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6701?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows, Novell Client.