Lucene search
SAINT CorporationSAINT:278C60F772BD510E4FDAEDCAC10D8F6FHistorySep 16, 2008 - 12:00 a.m.
Novell iPrint ActiveX control GetDriverFile buffer overflow
2008-09-1600:00:00
SAINT Corporation
www.saintcorporation.com
9
0.471 Medium
EPSS
Percentile
97.1%
Added: 09/16/2008
CVE: CVE-2008-2431
BID: 30813
OSVDB: 51684
Background
Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint ActiveX control named **ienipp.ocx**.
Problem
A buffer overflow vulnerability in the Novell iPrint ActiveX control allows command execution when a user loads a web page which calls the **GetDriverFile** method with specially crafted arguments.
Resolution
Upgrade to Novell iPrint client 5.06 or higher.
References
<http://secunia.com/secunia_research/2008-27/advisory/>
Limitations
Exploit works on Novell iPrint Client 4.36.00 and requires a user to open the exploit page in Internet Explorer.
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
d2
d2
DSquare Exploit Pack: D2SEC_IPRINT2
2008-11-26 01:30:00
saint
saint
Novell iPrint ActiveX control GetDriverFile buffer overflow
2008-09-16 00:00:00
Novell iPrint ActiveX control GetDriverFile buffer overflow
2008-09-16 00:00:00
Novell iPrint ActiveX control GetDriverFile buffer overflow
2008-09-16 00:00:00
securityvulns
securityvulns
cvelist
cvelist
cve
cve
prion
prion
Buffer overflow
2008-11-26 01:30:00
Stack overflow
2008-11-26 01:30:00
Memory corruption
2012-02-21 13:31:00
openvas
openvas
Novell iPrint Client ActiveX Control Multiple Vulnerabilities
2008-08-27 00:00:00
Novell iPrint Client < 5.40 Multiple ActiveX Control Vulnerabilities
2008-08-27 00:00:00
seebug
seebug
Novell iPrint Client ActiveX控件多个缓冲区溢出漏洞
2008-08-26 00:00:00
nessus
nessus
Novell iPrint Client ActiveX Control Multiple Vulnerabilities
2008-08-26 00:00:00