Novell IPrint Client Multiple Vulnerabilities (windows) Network Vulnerability

Summary

The host is installed with Novell iPrint Client and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow attackers to execute arbitrary code, to cause buffer overflow or cause the application to crash. Impact Level: Application

Solution

Upgrade to Novell iPrint Client version 5.44 or later http://www.novell.com/products/openenterpriseserver/iprint.html

Insight

Multiple flaws are due to: - An error in 'PluginGetDriverFile' function, which interprets an uninitialized memory location as a pointer value. - An improper bounds checking by the 'call-back-url' parameter for a 'op-client-interface-version' operation. A remote attacker can use an overly long call-back-url parameter to overflow a buffer and execute arbitrary code on the system.

Affected

Novell iPrint Client version prior to 5.44 on Windows

References

http://secunia.com/advisories/40805
http://secunia.com/secunia_research/2010-104/
http://www.novell.com/support/viewContent.do?externalId=7006679
http://xforce.iss.net/xforce/xfdb/61220

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1527, CVE-2010-3105

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe Flash Media Server multiple vulnerabilities
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)

Novell iPrint Client Multiple Vulnerabilities (windows)

Take action and discover your vulnerabilities