Stack-based Buffer Overflow in Novell iPrint Client for Windows
CVE-2008-2908

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint Client
Vendor: CVE Published:; 30 June 2008

What is CVE-2008-2908?

Multiple stack-based buffer overflows exist in the ActiveX control of the Novell iPrint Client for Windows prior to version 4.36. These vulnerabilities may allow remote attackers to execute arbitrary code on the affected systems by sending specially crafted parameters such as (1) operation, (2) printer-url, or (3) target-frame. Exploiting these vulnerabilities poses significant security risks, as unauthorized code execution can lead to full system compromise.

References

http://www.vupen.com/english/advisories/2008/1837/references

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1020303

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/43085

vdb-entryx_refsource_XF

EPSS Score

56% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2008
Vulnerability Reserved
Jun 30, 2008