Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
68.51%
Published
2013-05-02
Updated
2015-10-08
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
Max CVSS
10.0
EPSS Score
2.48%
Published
2012-12-24
Updated
2013-01-08
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.
Max CVSS
10.0
EPSS Score
3.71%
Published
2012-02-21
Updated
2012-02-24
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
Max CVSS
9.3
EPSS Score
0.29%
Published
2012-02-21
Updated
2012-02-22
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.
Max CVSS
10.0
EPSS Score
0.94%
Published
2012-02-21
Updated
2012-02-22
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.
Max CVSS
9.3
EPSS Score
37.53%
Published
2011-06-09
Updated
2018-10-09
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.
Max CVSS
9.3
EPSS Score
31.57%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.
Max CVSS
9.3
EPSS Score
23.28%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.
Max CVSS
9.3
EPSS Score
30.86%
Published
2011-06-09
Updated
2018-10-09
Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter.
Max CVSS
9.3
EPSS Score
3.17%
Published
2017-03-11
Updated
2017-03-15
Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter.
Max CVSS
9.3
EPSS Score
3.82%
Published
2010-08-23
Updated
2017-09-19
Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names.
Max CVSS
9.3
EPSS Score
3.82%
Published
2010-08-23
Updated
2017-09-19

CVE-2010-3106

Public exploit
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.
Max CVSS
9.3
EPSS Score
18.40%
Published
2010-08-23
Updated
2017-09-19
The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
9.3
EPSS Score
7.42%
Published
2010-08-23
Updated
2017-09-19

CVE-2010-1527

Public exploit
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
Max CVSS
9.3
EPSS Score
93.36%
Published
2010-08-23
Updated
2017-09-19
Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.1, "Novell iPrint Client 4.38 ActiveX exploit." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
Max CVSS
9.3
EPSS Score
3.36%
Published
2009-09-11
Updated
2010-08-25

CVE-2009-1569

Public exploit
Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.
Max CVSS
9.3
EPSS Score
94.60%
Published
2009-12-08
Updated
2018-10-10
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431.
Max CVSS
9.3
EPSS Score
2.82%
Published
2008-11-26
Updated
2008-11-26
Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method.
Max CVSS
9.3
EPSS Score
47.08%
Published
2008-11-26
Updated
2017-08-08
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!