Skip to main content

Novell iPrint Client Remote Buffer Overflow Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5345 Views

RISK: Medium Risk

Two vulnerabilities have been identified in Novell iPrint Client, which could be exploited by remote attackers to compromise a vulnerable system.

1. Due to a buffer overflow error in "ienipp.ocx" when processing an overly long "target-frame" parameter, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

2. Due to a buffer overflow error when processing certain time information, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.


Impact

  • Remote Code Execution

System / Technologies affected

  • Novell iPrint Client version 4.38 and prior
  • Novell iPrint Client version 5.30 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link