Buffer overflow in Novell Iprint

CVE-2011-1708

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.

Vulnerability class: Buffer Overflow

EPSS: 0.128 (94.2th percentile) — read the EPSS interpretation.

Affected products

Novell Iprint — versions 4.26, 4.27, 4.28
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1025606 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Patch)
novell-iprint-opprinterlistalljobs-cookie-bo(67882) (vdb-entry, x_refsource_XF)
44811 (x_refsource_SECUNIA, third-party-advisory)
48124 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
20110606 ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)