CVE-2013-3956
60Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 7.8%
from disclosure to weapon0 days
Published on NVDJul 31
1st PoCJun 26
metasploitMay 22
VulnCheck+3057d
exploitation probability
7.8%top 6% of all CVEs
observed exploitation
yesVulnCheck
4 public exploit(s)
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencewww.exploit-db.com/exploits/26452unverifiedcve_referencewww.exploit-db.com/exploits/27191unverifiedexploitdbwww.exploit-db.com/exploits/27191unverifiedexploitdbwww.exploit-db.com/exploits/26452unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.