Unrated severityNVD Advisory· Published Aug 31, 2007· Updated Apr 23, 2026

CVE-2007-2954

Description

Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.

Affected products

Novell/Client3 versions
cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

download.novell.com/DownloadnvdPatch
secunia.com/advisories/26374nvdPatchVendor Advisory
secunia.com/secunia_research/2007-57/advisory/nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.securityfocus.com/bid/25474nvdPatch
www.vupen.com/english/advisories/2007/3006nvdVendor Advisory
osvdb.org/37321nvd
www.zerodayinitiative.com/advisories/ZDI-07-045/nvd
exchange.xforce.ibmcloud.com/vulnerabilities/35824nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000