CVE-2008-2908

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint Client
Vendor: CVE Published:; 30 June 2008

Summary

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.

References

http://www.vupen.com/english/advisories/2008/1837/references

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1020303

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/43085

vdb-entryx_refsource_XF

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 30, 2008
Vulnerability Reserved
Jun 30, 2008

Collectors

NVD DatabaseMitre Database