Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1569Improper Restriction of Operations within the Bounds of a Memory Buffer in Iprint

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.3CRITICALNVD
EPSS
65.5%
top 1.50%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Iprint
Timeline
PublishedDec 8
Latest updateMay 2

Description

Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDnovell/iprint4.38, 5.30+1

Patches

Patch: download.novell.comPatch: www.securityfocus.comPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-5r5g-fw5m-jm66: Multiple stack-based buffer overflows in Novell iPrint Client 42022-05-02
CVEList
CVE-2009-1569: Multiple stack-based buffer overflows in Novell iPrint Client 42009-12-08

💥Exploits & PoCs

1
Exploit-DB
Novell iPrint Client - ActiveX Control Date/Time Buffer Overflow (Metasploit)2010-05-09
CVE-2009-1569 — Novell Iprint vulnerability | cvebase