What is CVE-2010-3106?

CVE-2010-3106 is a vulnerability in Novell Iprint, classified under Improper Input Validation. Published 2010-08-23.

Is CVE-2010-3106 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Novell Iprint

CVE-2010-3106

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory cor…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.558 (98.1th percentile) — read the EPSS interpretation.

Affected products

Novell Iprint — versions 4.34, 5.32, 5.20b
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (Patch, x_refsource_MISC)
oval:org.mitre.oval:def:12044 (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (x_refsource_CONFIRM, Patch)

Frequently asked questions

What is CVE-2010-3106?: CVE-2010-3106 is a vulnerability in Novell Iprint, classified under Improper Input Validation. Published 2010-08-23.
Is CVE-2010-3106 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.