Lucene search
Ivan AlmuinaZDI-10-139HistoryAug 05, 2010 - 12:00 a.m.
Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution
2010-08-0500:00:00
Ivan Almuina
www.zerodayinitiative.com
13
0.08 Low
EPSS
Percentile
94.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client browser plugin. User interaction is required in that a target must visit a malicious web page. The specific flaw exists within handling plugin parameters. The application does not properly verify the name of parameters passed via tags. If a malicious attacker provides a long enough value a destination buffer can be overflowed. Successful exploitation leads to execution of arbitrary code under the context of the user owning the browser process.
Related
openvas
openvas
prion
prion
Design/Logic Flaw
2017-03-11 06:59:00
cvelist
cvelist
CVE-2010-4314
2017-03-11 06:46:00
saint
saint
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
2011-01-03 00:00:00
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
2011-01-03 00:00:00
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
2011-01-03 00:00:00
cve
cve
CVE-2010-4314
2017-03-11 06:59:00
nvd
nvd
CVE-2010-4314
2017-03-11 06:59:00