CVSS: 9.8EPSS: 55%CPEs: 14EXPL: 2CVE-2010-3106 – Novell iPrint Client - ActiveX Control 'debug' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-3106
23 Aug 2010 — The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method. El control ActiveX ienipp.ocx en el plugin para el navegador en el cliente de Novell iPrint antes de v5.42 no valida correctamente el parámetro debug, lo que permite a atacantes rem... • https://www.exploit-db.com/exploits/15073 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0CVE-2010-3107
https://notcve.org/view.php?id=CVE-2010-3107
23 Aug 2010 — A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module. Un control ActiveX en ienipp.ocx en el plugin para el navegador del cliente de Novell iPrint antes de v5.42 no limita apropiadamente el conjunto de archivos que d... • http://download.novell.com/Download?buildid=ftwZBxEFjIg~ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2010-4314 – Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-4314
05 Aug 2010 — Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter. Atacantes remotos puede utilizar el plugin ActiveX del navegador web de iPrint en Novell iPrint Client en versiones anteriores a 5.42 para Windows XP/Vista/Win7 para ejecutar código desbordando el parámetro "name". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint C... • https://www.novell.com/support/kb/doc.php?id=7006675 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 11%CPEs: 9EXPL: 0CVE-2008-5231
https://notcve.org/view.php?id=CVE-2008-5231
26 Nov 2008 — Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431. Desbordamiento de búfer basado en pila en el método ExecuteRequest en el control ActiveX Novell iPrint en ienipp.ocx en Novell iPrint Client 5.06 y versiones anteriores, permite a los atacantes remotos ejecutar código arbitrario ... • http://secunia.com/advisories/30667 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 39%CPEs: 9EXPL: 0CVE-2008-2431
https://notcve.org/view.php?id=CVE-2008-2431
26 Nov 2008 — Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument ... • http://secunia.com/advisories/30667 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2008-2432
https://notcve.org/view.php?id=CVE-2008-2432
26 Nov 2008 — Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument. Vulnerabilidad de método inseguro en el método GetFileList en un control ActiveX no especificado en Novell iPrint Client anterior a v5.06 permite a atacantes remotos listar los archivos de imagen en un directorio de su elección mediante un nombre de directorio en el argumen... • http://secunia.com/advisories/30667 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 18%CPEs: 5EXPL: 0CVE-2008-2436
https://notcve.org/view.php?id=CVE-2008-2436
05 Sep 2008 — Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx. Múltiples desbordamientos de búfer basados en pila en la función nipplib.dll de Novell iPrint Client 4.x anteriores a la 4.38 y 5.x anteriores a la 5.08, permite... • http://secunia.com/advisories/31370 • CWE-94: Improper Control of Generation of Code ('Code Injection') •