What is CVE-2010-1527?

CVE-2010-1527 is a vulnerability in Novell Iprint, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-08-23.

Is CVE-2010-1527 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Novell Iprint

CVE-2010-1527

Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.

Vulnerability class: Buffer Overflow

EPSS: 0.612 (98.3th percentile) — read the EPSS interpretation.

Affected products

Novell Iprint — versions 4.34, 5.32, 5.20b
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

novell-iprint-callbackurl-bo(61220) (vdb-entry, x_refsource_XF)
42576 (vdb-entry, x_refsource_BID)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
oval:org.mitre.oval:def:11973 (x_refsource_OVAL, signature, vdb-entry)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM, Vendor Advisory)
40805 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2010-1527?: CVE-2010-1527 is a vulnerability in Novell Iprint, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-08-23.
Is CVE-2010-1527 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.