Novell Client for Windows Kernel Driver Vulnerabilities (CVE-2013-3697/3956) Security Advisory

Key Information Environment Application: Novell Client for Windows Vulnerabilities 1. NICM.SYS Kernel Driver Vulnerability - Affected Platforms: Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows Vista, Windows Server 2008 - Vulnerability Description: Execution hijacking vulnerability in IOCTL handling, allowing attackers to execute arbitrary code in kernel context - Original Disclosure and Details: Link 2. NWFS.SYS Kernel Driver Vulnerability - Affected Platforms: Windows XP/2003 - Vulnerability Description: Integer overflow vulnerability in IOCTL handling, allowing attackers to execute arbitrary code in kernel - Original Disclosure and Details: Link Affected Versions All versions of Novell Client for Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows Vista, and Windows Server 2008 are affected All versions of Novell Client for Windows XP/2003 are affected Remediation Patch Links for Different Versions: - Novell Client 2 SP3 for Windows 7: Link - Novell Client 2 SP2 for Windows Vista: Link - Novell Client 4.91 Post-SP5 for Windows XP/2003: Link Status Security Advisory Additional Information CVE Identifiers: - Windows XP/2003: CVE-2013-3697 - Windows 7 and Windows 8: CVE-2013-3956

Goal Reached Thanks to every supporter — we hit 100%!

Novell Client for Windows Kernel Driver Vulnerabilities (CVE-2013-3697/3956) Security Advisory