Lucene search
Gwslabs.comAnonymousZDI-11-309HistoryOct 26, 2011 - 12:00 a.m.
Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
2011-10-2600:00:00
gwslabs.comAnonymous
www.zerodayinitiative.com
10
0.296 Low
EPSS
Percentile
96.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll component. When handling the exposed method GetDriverSettings the application assembles a string for logging consisting of the hostname/port provided as a parameter. When building this message the process will blindly copy user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
Related
cve
cve
CVE-2011-3173
2022-10-03 16:15:06
CVE-2011-4187
2022-10-03 16:15:15
nessus
nessus
nvd
nvd
CVE-2011-3173
2011-11-30 04:05:58
CVE-2011-4187
2012-02-21 13:31:35
securityvulns
securityvulns
ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability
2011-10-31 00:00:00
Novell iPrint buffer overflow
2011-10-31 00:00:00
cvelist
cvelist
CVE-2011-3173
2022-10-03 16:15:06
CVE-2011-4187
2022-10-03 16:15:15
checkpoint_advisories
checkpoint_advisories
Novell iPrint Client GetDriverSettings Stack Buffer Overflow (CVE-2011-3173)
2010-12-12 00:00:00
prion
prion
Stack overflow
2011-11-30 04:05:00
Buffer overflow
2012-02-21 13:31:00
saint
saint
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00
Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow
2011-12-23 00:00:00