CVE-2007-2954
published 2007-08-31CVE-2007-2954: Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute…
PriorityP350critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
23.78%
97.5th percentile
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | client | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mwg2-x42f-3jxf: Multiple stack-based buffer overflows in the Spooler service (nwspool
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-2954 [HIGH] CWE-119 GHSA-mwg2-x42f-3jxf: Multiple stack-based buffer overflows in the Spooler service (nwspool
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
GHSA
GHSA-2gwf-q498-hprv: Multiple stack-based buffer overflows in the Spooler service (nwspool
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2007-6701 [CRITICAL] CWE-119 GHSA-2gwf-q498-hprv: Multiple stack-based buffer overflows in the Spooler service (nwspool
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://download.novell.com/Download?buildid=VOXNZb-6t_g~http://osvdb.org/37321http://secunia.com/advisories/26374http://secunia.com/secunia_research/2007-57/advisory/http://securitytracker.com/id?1018623http://www.securityfocus.com/bid/25474http://www.vupen.com/english/advisories/2007/3006http://www.zerodayinitiative.com/advisories/ZDI-07-045/https://exchange.xforce.ibmcloud.com/vulnerabilities/35824http://download.novell.com/Download?buildid=VOXNZb-6t_g~http://osvdb.org/37321http://secunia.com/advisories/26374http://secunia.com/secunia_research/2007-57/advisory/http://securitytracker.com/id?1018623http://www.securityfocus.com/bid/25474http://www.vupen.com/english/advisories/2007/3006http://www.zerodayinitiative.com/advisories/ZDI-07-045/https://exchange.xforce.ibmcloud.com/vulnerabilities/35824
2007-08-31
Published