Stack-Based Buffer Overflow in Novell Client Spooler Service
CVE-2008-0639

Currently unrated

Key Information:

Vendor: Novell
Status: Client
Vendor: CVE Published:; 13 February 2008

Summary

A stack-based buffer overflow exists within the EnumPrinters function of the Spooler service (nwspool.dll) in Novell Client versions 4.91 SP2, SP3, and SP4 for Windows. This vulnerability can be exploited by remote attackers who send specially crafted RPC requests, allowing them to execute arbitrary code on the affected systems. This issue is a result of an incomplete fix for a previously identified vulnerability, highlighting the need for rigorous security measures.

References

http://www.securityfocus.com/archive/1/487980/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/28895

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/0496

vdb-entryx_refsource_VUPEN

EPSS Score

49% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Feb 6, 2008