CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2954

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile29.70th
Published2007年8月31日
Last Modified2026年4月23日

Vulnerability Description

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Affected Platforms (CPE)

📦
Novell

Client

= 4.91
📦
Novell

Client

= 4.91
📦
Novell

Client

= 4.91

References & Advisories

🔗 http://download.novell.com/Download?buildid=VOXNZb-6t_g~
🔗 http://osvdb.org/37321
🔗 http://secunia.com/advisories/26374
🔗 http://secunia.com/secunia_research/2007-57/advisory/
🔗 http://securitytracker.com/id?1018623
🔗 http://www.securityfocus.com/bid/25474
🔗 http://www.vupen.com/english/advisories/2007/3006
🔗 http://www.zerodayinitiative.com/advisories/ZDI-07-045/

関連する脆弱性情報

CVE-2020-2949110.0

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker...

CVE-2019-1665010.0

On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same ...

CVE-2026-4638910.0

UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Ident...

CVE-2020-738810.0

Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authenticati...