Update Protection against Novell iPrint Client ActiveX Control Multiple Vulnerabilities
| Check Point Reference: | CPAI-2008-236 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia: SA30667 | |
| Industry Reference(s): | CVE-2008-2431 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Novell iPrint Client prior to 4.38 Novell iPrint Client for Windows Vista prior to 5.08 | ||
| Vulnerability Description Multiple Vulnerabilities have been reported in Novell iPrint Client. Novell iPrint Client is an application that allows users to install and manage printers, or submit print job from a web browser. Novell iPrint Client is bundled with a set of ActiveX controls that implement various functions. Multiple buffer overflow vulnerabilities can be triggered by supplying crafted arguments to the affected iPrint Client ActiveX controls. Successful exploitation might lead to injection and execution of arbitrary code. |
||
|
Vulnerability Status The vulnerability has been publicly disclosed. |
|
|
Update/Patch Available The vendor has release patches: Novell iPrint Client for Windows 4.38: http://download.novell.com/Download?buildid=3q-_lVDVRFI~ Novell iPrint Client for Windows Vista 5.08: http://download.novell.com/Download?buildid=dv_yn4TOPmQ~
|
|
|
Vulnerability Details |
Protection Overview
By enabling this protection, IPS-1 will detect and block the use of a particular ActiveX control.
To configure the defense, select your product from the list below and follow the related protection steps.