CVE-2013-3697
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.
Desbordamiento de enterio en el controlador para el kernel NWFS.SYS 4.91.5.8 en Novell Client 4.91 SP5 sobre Windows XP y Windows Server 2003 y el controlador del kernel NCPL.SYS en Novell Client 2 SP2 sobre Windows Vista y Windows Server 2008 y Novell Client 2 SP3 sobre Windows Server 2008 R2, Windows 7, Windows 8, y Windows Server 2012, podría permitir a usuarios locales obtener privilegios a través de una llamada 0x1439EB IOCTL manipulada.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-05-30 CVE Reserved
- 2013-07-31 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| http://pastebin.com/RcS2Bucg | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.novell.com/support/kb/doc.php?id=7012497 | 2013-07-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 4.91 Search vendor "Novell" for product "Client" and version "4.91" | sp5 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | * | - |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 4.91 Search vendor "Novell" for product "Client" and version "4.91" | sp5 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | - |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | - | - |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | - |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | - |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x64 |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 8 Search vendor "Microsoft" for product "Windows 8" | - | x86 |
Safe
|
| Novell Search vendor "Novell" | Client Search vendor "Novell" for product "Client" | 2.0 Search vendor "Novell" for product "Client" and version "2.0" | sp3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Server 2008 Search vendor "Microsoft" for product "Windows Server 2008" | r2 Search vendor "Microsoft" for product "Windows Server 2008" and version "r2" | - |
Safe
|