Lucene search

K

[email protected]NVD:CVE-2008-2908

HistoryJun 30, 2008 - 6:24 p.m.

CVE-2008-2908

2008-06-3018:24:00

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.41 Medium

EPSS

Percentile

97.3%

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

novelliprint_clientRange≤4.35windows

References

secunia.com/advisories/30709

support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5028061.html

www.kb.cert.org/vuls/id/145313

www.securityfocus.com/bid/29736

www.securitytracker.com/id?1020303

www.vupen.com/english/advisories/2008/1837/references

exchange.xforce.ibmcloud.com/vulnerabilities/43085

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.41 Medium

EPSS

Percentile

97.3%

Related for NVD:CVE-2008-2908

cve1 saint4 nessus1 checkpoint_advisories1 cvelist1 packetstorm1 prion1