7.2
CVE-2007-5762
- EPSS 0.88%
- Veröffentlicht 09.01.2008 22:46:00
- Zuletzt bearbeitet 16.06.2026 22:46:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Novell ≫ Netware Client Version4.91 Updatesp4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.88% | 0.544 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://download.novell.com/Download?buildid=4FmI89wOmg4~
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=637
http://secunia.com/advisories/28396
http://www.securityfocus.com/bid/27209
http://www.securitytracker.com/id?1019172
http://www.vupen.com/english/advisories/2008/0088
https://exchange.xforce.ibmcloud.com/vulnerabilities/39576