CVE-2007-5667

Currently unrated

Key Information:

Vendor: Novell
Status: Client
Vendor: CVE Published:; 14 November 2007

Summary

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the .\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

References

http://secunia.com/advisories/27678

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/38434

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1018943

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Nov 14, 2007
Vulnerability Reserved
Oct 23, 2007

Collectors

NVD DatabaseMitre Database