Buffer overflow in Novell Iprint

CVE-2011-1699

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.

Vulnerability class: Buffer Overflow

EPSS: 0.271 (96.5th percentile) — read the EPSS interpretation.

Affected products

Novell Iprint — versions 4.26, 4.27, 4.28
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_MISC)
1025606 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Patch)
20110606 ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
44811 (x_refsource_SECUNIA, third-party-advisory)
48124 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)