Heap-based buffer overflow vulnerability (via a crafted driver-version parameter) in Novell iPrint Client before 5.64ID: oval:org.secpod.oval:def:1254 | Date: (C)2011-06-21 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Novell iPrint Client and is prone to heap-based buffer overflow vulnerability. A flaw is present in nipplib.dll, when handling the driver-version parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. Successful exploitation allows remote attacker to execute arbitrary code under the context of the browser.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Novell iPrint Client |