Novell Iprint vulnerabilities

CVE-2010-3105 [CRITICAL] CWE-119 CVE-2010-3105: The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized mem The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2010-1527 [CRITICAL] CWE-119 CVE-2010-1527: Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute a Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.

CVE-2010-3107 [HIGH] CWE-264 CVE-2010-3107: A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 do A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module.

CVE-2009-1569 [CRITICAL] CWE-119 CVE-2009-1569: Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other version Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.

CVE-2009-3176 [CRITICAL] CWE-119 CVE-2009-3176: Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.1, "Novell iPrint Client 4.38 ActiveX exploit." NOTE: as of 20090909, this disclosure has

CVE-2008-5231 [CRITICAL] CVE-2008-5231: Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ien Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431.

CVE-2008-2431 [CRITICAL] CWE-119 CVE-2008-2431: Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbi Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFil

CVE-2008-2432 [MEDIUM] CWE-200 CVE-2008-2432: Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell Insecure method vulnerability in the GetFileList method in an unspecified ActiveX control in Novell iPrint Client before 5.06 allows remote attackers to list the image files in an arbitrary directory via a directory name in the argument.

CVE-2008-1701 [MEDIUM] CVE-2008-1701: Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPr Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request.

CVE-2008-0935 [CRITICAL] CWE-119 CVE-2008-0935: Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPr Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.