CVE-2011-1701

2011-06-0919:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1701

nipplib.dll

novell iprint client

buffer overflow

remote code execution

printer-url

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.349 Low

EPSS

Percentile

97.1%

JSON

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url.

CPENameOperatorVersion
novell:iprintnovell iprinteq5.20b
novell:iprintnovell iprinteq5.44
novell:iprintnovell iprinteq5.30
novell:iprintnovell iprinteq5.50
novell:iprintnovell iprinteq4.34
novell:iprintnovell iprintle5.60
novell:iprintnovell iprinteq4.38
novell:iprintnovell iprinteq5.56
novell:iprintnovell iprinteq4.27
novell:iprintnovell iprinteq4.32

CPE	Name	Operator	Version
novell:iprint	novell iprint	eq	5.20b
novell:iprint	novell iprint	eq	5.44
novell:iprint	novell iprint	eq	5.30
novell:iprint	novell iprint	eq	5.50
novell:iprint	novell iprint	eq	4.34
novell:iprint	novell iprint	le	5.60
novell:iprint	novell iprint	eq	4.38
novell:iprint	novell iprint	eq	5.56
novell:iprint	novell iprint	eq	4.27
novell:iprint	novell iprint	eq	4.32