Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2007-5667

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the .\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

  • Published: Nov 14, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-5667
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
novell / client 4.91-sp3 4.91-sp3.x
novell / client 4.91-sp4 4.91-sp4.x
novell / client 4.91-sp1 4.91-sp1.x
novell / client 4.91-sp2 4.91-sp2.x