Lucene search
Anonymousgwslabs.comAnonymousZDI-10-256HistoryDec 23, 2010 - 12:00 a.m.
Novell iPrint Activex GetDriverSettings Remote Code Execution Vulnerability
2010-12-2300:00:00
Anonymousgwslabs.comAnonymous
www.zerodayinitiative.com
13
0.406 Medium
EPSS
Percentile
97.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ienipp.ocx component. When handling the exposed method a GetDriverSettings call is made into nipplib!IppGetDriverSettings2 where the process will blindly copy user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
Related
cve
cve
CVE-2010-4321
2010-12-30 19:00:04
nessus
nessus
Novell iPrint Client < 5.56 Multiple Vulnerabilities
2010-12-29 00:00:00
saint
saint
Novell iPrint Client ActiveX Control GetDriverSettings buffer overflow
2010-11-24 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings buffer overflow
2010-11-24 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings buffer overflow
2010-11-24 00:00:00
packetstorm
packetstorm
Novell iPrint 5.52 ActiveX GetDriverSettings() Exploit
2011-01-19 00:00:00
Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow
2011-03-06 00:00:00
prion
prion
Stack overflow
2010-12-30 19:00:00
cvelist
cvelist
CVE-2010-4321
2010-12-30 18:00:00
openvas
openvas
Novell iPrint Client 'ienipp.ocx' ActiveX Buffer Overflow Vulnerability
2011-01-03 00:00:00
Novell iPrint Client 'ienipp.ocx' ActiveX Buffer Overflow Vulnerability
2011-01-03 00:00:00
nvd
nvd
CVE-2010-4321
2010-12-30 19:00:04