VYPR
Unrated severityNVD Advisory· Published Nov 14, 2007· Updated Jun 16, 2026

CVE-2007-5667

CVE-2007-5667

Description

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

Affected products

5
  • Novell/Client5 versions
    cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*
    • cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*
    • cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*
    • cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*
    • (no CPE)range: 4.91 SP 1 through SP 4

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.