Heap-Based Buffer Overflow in Novell iPrint Client
CVE-2011-1699

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint
Vendor: CVE Published:; 9 June 2011

What is CVE-2011-1699?

A heap-based buffer overflow vulnerability exists in nipplib.dll of the Novell iPrint Client prior to version 5.64. This flaw allows remote attackers to potentially execute arbitrary code by sending specially crafted URI parameters embedded in printer URLs. Exploiting this vulnerability could lead to unauthorized actions being carried out on the affected systems.

References

http://zerodayinitiative.com/advisories/ZDI-11-172/

x_refsource_MISC

http://www.securitytracker.com/id?1025606

vdb-entryx_refsource_SECTRACK

http://download.novell.com/Download?buildid=6_bNby38ERg~

x_refsource_CONFIRM

EPSS Score

23% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2011
Vulnerability Reserved
Apr 15, 2011