Check Point Advisories

Update Protection against Novell iPrint Client ienipp.ocx volatile-date-time Parsing Buffer Overflow

Check Point Reference: CPAI-2010-126
Date Published: 23 Apr 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory: SA37169
Industry Reference:CVE-2009-1569
Protection Provided by:
Who is Vulnerable? Novell iPrint Client 4.38 and prior
Novell iPrint Client 5.x prior to 5.32
Vulnerability Description A buffer overflow vulnerability exists in Novell iPrint Client, an application that allows users to install and manage printers, or submit print jobs from a web browser. The vulnerability is due to a boundary error when parsing malicious 'persistence' parameter values. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious web page. Successful exploitation could result in remote code execution.
Update/Patch AvaliableNovell has released an advisory addressing this vulnerability.
Vulnerability DetailsThe vulnerability exists in the Novell iPrint client within the ActiveX control, specifically when handling an overly large persistence parameter value.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK