Novell iPrint Client ienipp.ocx target-frame buffer overflow
Added: 01/12/2010CVE: CVE-2009-1568
BID: 37242
OSVDB: 60803
Background
Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx.Problem
A buffer overflow in ienipp.ocx allows command execution when a user opens a specially crafted page which invokes the Novell iPrint Client ActiveX control with a specially crafted target-frame parameter.Resolution
Upgrade to iPrint Client version 5.3.2 or higher.References
http://secunia.com/secunia_research/2009-40/Limitations
Exploit works on Novell iPrint Client 5.30.00.Platforms
Windows XPBack to exploit index