Check Point Advisories

Update Protection against Novell iPrint Client ienipp.ocx target-frame Stack Buffer Overflow

Check Point Reference: CPAI-2010-127
Date Published: 23 Apr 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Security Advisory: SA37169
Industry Reference:CVE-2009-1568
Protection Provided by:
Who is Vulnerable? Novell iPrint Client prior to 5.32
Vulnerability Description A buffer overflow vulnerability exists in Novell iPrint Client, an application that allows users to install and manage printers, or submit print jobs from a web browser. The vulnerability is due to a boundary error in the ActiveX control when parsing target-frame parameter values. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious web page. Successful exploitation could result in remote code execution.
Update/Patch AvaliableNovell has released an advisory to address this vulnerability.
Vulnerability DetailsThe vulnerability exists in the Novell iPrint client within the ActiveX control, specifically when handling overly large target-frame parameter values passed in during the ActiveX control object instantiation.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK