CVE-2013-3956
EXPLOITEDNovell Client - Access Control
Title source: ruleDescription
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by sickness · pythonlocalwindows
https://www.exploit-db.com/exploits/27191
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows_x86
https://www.exploit-db.com/exploits/26452
metasploit
WORKING POC
NORMAL
by Unknown, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/novell_client_nicm.rb
Scores
EPSS
0.0215
EPSS Percentile
84.3%
Details
VulnCheck KEV
2021-12-13
CWE
CWE-264
Status
published
Products (2)
novell/client
4.91 sp5
novell/client
2.0 sp2 (2 CPE variants)
Published
Jul 31, 2013
Tracked Since
Feb 18, 2026