CVE-2011-4187 – Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4187
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. Desbordamiento de búfer en la función GetDriverSettings en ??nipplib.dll en el cliente de Novell iPrint antes de v5.78 en Windows permite a atacantes remotos ejecutar código de su elección a través de un campo de dominio de largo. Se trata de una vulnerabilidad diferente a CVE-2011-3173. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. • http://www.novell.com/support/viewContent.do?externalId=7008708 http://www.novell.com/support/viewContent.do?externalId=7010143 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-4321 – Novell iPrint Activex GetDriverSettings Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-4321
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method. El desbordamiento de búfer en la región stack de la memoria en un control ActiveX en el archivo ienipp.ocx en Novell iPrint Client versión 5.52, permite a los atacantes remotos ejecutar código arbitrario por medio de un argumento largo en (1) el método GetDriverSettings2, según sea accesible por (2 ) el método GetDriverSettings. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ienipp.ocx component. When handling the exposed method a GetDriverSettings call is made into nipplib! • https://www.exploit-db.com/exploits/16014 https://www.exploit-db.com/exploits/16956 http://securityreason.com/securityalert/8125 http://www.exploit-db.com/exploits/16014 http://www.novell.com/support/viewContent.do?externalId=7007234 http://www.securityfocus.com/bid/44966 http://www.zerodayinitiative.com/advisories/ZDI-10-256 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •