CVSS: 9.3EPSS: 30%CPEs: 20EXPL: 0CVE-2011-1699 – Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1699
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. Desbordamiento de búfer basado en memoria dinámica en nipplib.dll en Novell iPrint Client anterior a v5.64 permite a atacantes remotos ejecutar código de su elección a través del parámetro manipulado uri en un printer-url. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the uri parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008720 http://www.securityfocus.com/archive/1/518266/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 30%CPEs: 20EXPL: 0CVE-2011-1700 – Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1700
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. Desbordamiento de búfer basado en memoria dinámica en nipplib.dll en Novell iPrint Client anterior a v5.64 permite a atacantes remotos ejecutar código de su elección a través del parámetro manipulado profile-time en un printer-url. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008722 http://www.securityfocus.com/archive/1/518267/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-173 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 30%CPEs: 20EXPL: 0CVE-2011-1701 – Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1701
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. Desbordamiento de búfer basado en memoria dinámica en nipplib.dll de Novell iPrint Client ,permite a atacantes remotos ejecutar código arbitrario a través de un parámetro profile-name manipulado en una url de impresora. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-name parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008723 http://www.securityfocus.com/archive/1/518269/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-174 https://exchange.xforce.ibmcloud.com/vulnerabilities/67876 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 23%CPEs: 20EXPL: 0CVE-2011-1702 – Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1702
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. Desbordamiento de búfer basado en memoria dinámica en nipplib.dll en Novell iPrint Client anterior a v5.64 permite a atacantes remotos ejecutar código de su elección a través del parámetro manipulado file-date-time en un printer-url. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the file-date-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008724 http://www.securityfocus.com/archive/1/518270/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-175 https://exchange.xforce.ibmcloud.com/vulnerabilities/67877 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 30%CPEs: 20EXPL: 0CVE-2011-1703 – Novell iPrint nipplib.dll driver-version Remote Code Vulnerability
https://notcve.org/view.php?id=CVE-2011-1703
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. Desbordamiento de búfer basado en memoria dinámica en nipplib.dll en Novell iPrint Client v5.64 ,permite a atacantes remotos ejecutar código arbitrario a través de un parámetro driver-version manipulado en una url de impresora. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the driver-version parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. • http://download.novell.com/Download?buildid=6_bNby38ERg~ http://secunia.com/advisories/44811 http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727 http://www.securityfocus.com/archive/1/518271/100/0/threaded http://www.securityfocus.com/bid/48124 http://www.securitytracker.com/id?1025606 http://zerodayinitiative.com/advisories/ZDI-11-176 https://exchange.xforce.ibmcloud.com/vulnerabilities/67878 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •