CVE-2008-0639

CWE-119 — Buffer Overflow3 documents3 sources

Severity

10.0CRITICAL

EPSS

44.6%

top 2.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Client

Timeline

PublishedFeb 13

Latest updateMay 1

Description

Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDnovell/client4.91

Patches

Patch: download.novell.com ↗Patch: marc.info ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-4jmj-xq3w-8f72: Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool↗2022-05-01

▶

CVEList

CVE-2008-0639: Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool↗2008-02-13

▶