Описание
Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:novell:iprint_client:4.26:*:windows:*:*:*:*:*
cpe:2.3:a:novell:iprint_client:4.32:*:windows:*:*:*:*:*
cpe:2.3:a:novell:iprint_client:4.35:*:windows:*:*:*:*:*
cpe:2.3:a:novell:iprint_client:4.36:*:windows:*:*:*:*:*
cpe:2.3:a:novell:iprint_client:5.06:*:vista:*:*:*:*:*
EPSS
Процентиль: 95%
0.19939
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.
EPSS
Процентиль: 95%
0.19939
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94