Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-09-05 09:08
Updated : 2018-10-11 13:41
NVD link : CVE-2008-2436
Mitre link : CVE-2008-2436
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
novell
- iprint_client