CVE-2010-3106: Input Validation
First published: Mon Aug 23 2010(Updated: )
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Novell Iprint | =5.20b | |
| Novell Iprint | =5.30 | |
| Novell Iprint | =4.34 | |
| Novell Iprint | =4.38 | |
| Novell Iprint | =4.27 | |
| Novell Iprint | <=5.40 | |
| Novell Iprint | =4.32 | |
| Novell Iprint | =4.26 | |
| Novell Iprint | =5.12 | |
| Novell Iprint | =4.36 | |
| Novell Iprint | =4.28 | |
| Novell Iprint | =5.32 | |
| Novell Iprint | =4.30 | |
| Novell Iprint | =5.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/novell
- canonical/novell iprint
- version/novell iprint/5.20b
- version/novell iprint/5.30
- version/novell iprint/4.34
- version/novell iprint/4.38
- version/novell iprint/4.27
- version/novell iprint/5.40
- version/novell iprint/4.32
- version/novell iprint/4.26
- version/novell iprint/5.12
- version/novell iprint/4.36
- version/novell iprint/4.28
- version/novell iprint/5.32
- version/novell iprint/4.30
- version/novell iprint/5.04