Novell Client nwspool.dll EnumPrinters Function Stack Buffer Overflow
Gravité: : Critique
Identifiant(s) CVE: : CVE-2008-0639
Date du conseil: 21 juillet 2015
Description
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1001822
Trend Micro Deep Security DPI Rule Name: 1001822 - Novell Client nwspool.dll EnumPrinters Function Stack Buffer Overflow
Affected software and version:
- Novell Novell client 4.91