Heap-Based Buffer Overflow in Novell iPrint Client Vulnerability
CVE-2008-2436

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint Client
Vendor: CVE Published:; 5 September 2008

Summary

The Novell iPrint Client contains a vulnerability that allows remote attackers to exploit buffer overflow conditions in the IppCreateServerRef function within nipplib.dll. By sending a specially crafted request to the GetPrinterURLList, GetPrinterURLList2, or GetFileList2 functions in the ActiveX control (ienipp.ocx), an attacker may execute arbitrary code on the vulnerable system, potentially leading to unauthorized access or control.

References

http://securityreason.com/securityalert/4228

third-party-advisoryx_refsource_SREASON

http://www.securitytracker.com/id?1020806

vdb-entryx_refsource_SECTRACK

http://secunia.com/secunia_research/2008-33/advisory

x_refsource_MISC

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 5, 2008
Vulnerability Reserved
May 27, 2008