Novell iPrint Client ActiveX control call-back-url buffer overflow

Added: 08/25/2010
CVE: CVE-2010-1527
BID: 42576

Background

Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx.

Problem

A buffer overflow vulnerability allows command execution when a user loads a web page which invokes the Novell iPrint Client ActiveX Control with a long, specially crafted call-back-url parameter.

Resolution

Upgrade to Novell iPrint Client 5.44.

References

http://www.novell.com/support/viewContent.do?externalId=7006679
http://secunia.com/secunia_research/2010-104/

Limitations

Exploit works on Novell iPrint Client 5.42 and requires a user to open the exploit page in Internet Explorer 6 or 7.

Platforms

Windows

Back to exploit index