CVE-2010-4321
Novell iPrint Activex GetDriverSettings Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
El desbordamiento de búfer en la región stack de la memoria en un control ActiveX en el archivo ienipp.ocx en Novell iPrint Client versión 5.52, permite a los atacantes remotos ejecutar código arbitrario por medio de un argumento largo en (1) el método GetDriverSettings2, según sea accesible por (2 ) el método GetDriverSettings.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the ienipp.ocx component. When handling the exposed method a GetDriverSettings call is made into nipplib!IppGetDriverSettings2 where the process will blindly copy user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-11-29 CVE Reserved
- 2010-12-23 CVE Published
- 2011-01-19 First Exploit
- 2024-08-07 CVE Updated
- 2024-11-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/8125 | Third Party Advisory | |
http://www.novell.com/support/viewContent.do?externalId=7007234 | X_refsource_confirm | |
http://www.securityfocus.com/bid/44966 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-10-256 | X_refsource_misc |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/16014 | 2011-01-19 | |
https://www.exploit-db.com/exploits/16956 | 2011-03-07 | |
http://www.exploit-db.com/exploits/16014 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Novell Search vendor "Novell" | Iprint Client Search vendor "Novell" for product "Iprint Client" | 5.52 Search vendor "Novell" for product "Iprint Client" and version "5.52" | - |
Affected
|