Unrated severityNVD Advisory· Published Nov 14, 2007· Updated Apr 23, 2026

CVE-2007-5667

Description

NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.

Affected products

Novell/Client4 versions
cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*
- cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/27678nvdPatchVendor Advisory
secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.htmlnvdPatch
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
osvdb.org/40867nvd
www.securityfocus.com/bid/26420nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/3846nvd
exchange.xforce.ibmcloud.com/vulnerabilities/38434nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000