// For flags

CVE-2013-3697

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.

Desbordamiento de enterio en el controlador para el kernel NWFS.SYS 4.91.5.8 en Novell Client 4.91 SP5 sobre Windows XP y Windows Server 2003 y el controlador del kernel NCPL.SYS en Novell Client 2 SP2 sobre Windows Vista y Windows Server 2008 y Novell Client 2 SP3 sobre Windows Server 2008 R2, Windows 7, Windows 8, y Windows Server 2012, podría permitir a usuarios locales obtener privilegios a través de una llamada 0x1439EB IOCTL manipulada.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-05-30 CVE Reserved
  • 2013-07-31 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-189: Numeric Errors
CAPEC
References (2)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
4.91
Search vendor "Novell" for product "Client" and version "4.91"
sp5
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
*-
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
4.91
Search vendor "Novell" for product "Client" and version "4.91"
sp5
Affected
in Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*-
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp2
Affected
in Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
--
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp2
Affected
in Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*-
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp3
Affected
in Microsoft
Search vendor "Microsoft"
Windows 7
Search vendor "Microsoft" for product "Windows 7"
*-
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp3
Affected
in Microsoft
Search vendor "Microsoft"
Windows 8
Search vendor "Microsoft" for product "Windows 8"
-x64
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp3
Affected
in Microsoft
Search vendor "Microsoft"
Windows 8
Search vendor "Microsoft" for product "Windows 8"
-x86
Safe
Novell
Search vendor "Novell"
Client
Search vendor "Novell" for product "Client"
2.0
Search vendor "Novell" for product "Client" and version "2.0"
sp3
Affected
in Microsoft
Search vendor "Microsoft"
Windows Server 2008
Search vendor "Microsoft" for product "Windows Server 2008"
r2
Search vendor "Microsoft" for product "Windows Server 2008" and version "r2"
-
Safe