Novell : Security Vulnerabilities, CVEs, Published In November 2007
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
Max CVSS
10.0
EPSS Score
40.91%
Published
2007-11-02
Updated
2011-03-08
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
Max CVSS
7.2
EPSS Score
0.05%
Published
2007-11-14
Updated
2021-07-07
2 vulnerabilities found