Environment
Novell Client 2 SP1 for Windows 7, Vista, 2008, 2008 R2
Novell Client for Windows 2000/XP/2003 4.91 Support Pack 5
Situation
The Novell Client ActiveX control is prone to a remote denial-of-service vulnerability because of an unspecified error.
A successful attack allows a remote attacker to crash an application that is using the ActiveX control (typically Internet Explorer), denying further service to legitimate users.
Resolution
Fix available:
For Novell Client 2 for Windows 7, Vista, 2008, and 2008 R2:
Novell Client 2 SP1 for Windows (and later)
For Novell Client 4.91 SP5 for Windows XP/2003:
Novell Client 4.91 Post-SP5 NWFILTER - 491psp5_nwfilter_1.zip (and later)
Status
Security AlertAdditional Information
Bugtraq ID: 36139, found by Francis Provencher . "Novell Client ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service Vulnerability."