Buffer overflow in Novell Iprint

CVE-2011-1702

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.

Vulnerability class: Buffer Overflow

EPSS: 0.099 (93.1th percentile) — read the EPSS interpretation.

Affected products

Novell Iprint — versions 4.26, 4.27, 4.28
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

20110606 ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
1025606 (vdb-entry, x_refsource_SECTRACK)
novell-iprint-filedatetime-bo(67877) (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)
44811 (x_refsource_SECUNIA, third-party-advisory)
48124 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)