CVE-2007-0108

5 documents5 sources
Severity
6.0MEDIUM
EPSS
2.2%
top 15.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Client
Timeline
PublishedJan 9
Latest updateMay 1

Description

nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages1 packages

NVDnovell/client4.91

🔴Vulnerability Details

2
GHSA
GHSA-62q4-p5mv-fg7m: nwgina2022-05-01
CVEList
CVE-2007-0108: nwgina2007-01-09

💥Exploits & PoCs

1
Exploit-DB
Microsoft Office Groove 2007 - 'mso.dll' DLL Hijacking2010-08-25

📋Vendor Advisories

1
Citrix
CVE-2007-0108: nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows2007-01-09