Lucene search

K
saintSAINT CorporationSAINT:AF89138D587992D2377D661DE9A17D72
HistoryMar 11, 2008 - 12:00 a.m.

Novell iPrint Control ActiveX control ExecuteRequest buffer overflow

2008-03-1100:00:00
SAINT Corporation
www.saintcorporation.com
15

EPSS

0.438

Percentile

97.4%

Added: 03/11/2008
CVE: CVE-2008-0935
BID: 27939
OSVDB: 42063

Background

Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named **ienipp.ocx**.

Problem

A buffer overflow vulnerability in the **ExecuteRequest** function in the Novell iPrint Control ActiveX control allows command execution when a user loads a specially crafted web page.

Resolution

Upgrade to Novell iPrint Client 4.34 or higher.

References

<http://secunia.com/advisories/27994&gt;

Limitations

Exploit works on Novell iPrint Client 4.26.

Platforms

Windows

EPSS

0.438

Percentile

97.4%