Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named
A buffer overflow vulnerability within the handling of functions that take a URI as a parameter allows arbitrary command execution when a user loads a specially crafted web page.
Apply the patch referenced in Novell knowledge base document 7012344.
Exploit works on Novell iPrint Client 05.86.00 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn) and requires a user to load the exploit page in Internet Explorer 8.
The SAINTexploit host must be able to bind to port 631/tcp.