Privilege Escalation Vulnerability in Novell Client for Windows Systems
CVE-2013-3956

Currently unrated

Key Information:

Vendor: Novell
Status: Client
Vendor: CVE Published:; 31 July 2013

What is CVE-2013-3956?

The NICM.SYS kernel driver associated with Novell Client allows local users to escalate their privileges on affected Windows systems by executing a specially crafted IOCTL call identified by the code 0x143B6B. This flaw can potentially allow unauthorized access to system resources and sensitive information.

References

http://pastebin.com/GB4iiEwR

x_refsource_MISC

http://www.exploit-db.com/exploits/26452

exploitx_refsource_EXPLOIT-DB

http://www.exploit-db.com/exploits/27191

exploitx_refsource_EXPLOIT-DB

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 31, 2013
Vulnerability Reserved
Jun 5, 2013