CVE-2008-2908

Novell iPrint Client < 4.35 - Remote Code Execution via ActiveX Control Buffer Overflow

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-2908. PoCs were published by Metasploit and MC, including the Metasploit module exploits/windows/browser/novelliprint_getdriversettings.

AI-analyzed exploit summary: This exploit targets a stack buffer overflow in Novell iPrint Client 4.34 via the GetDriverSettings() property of the ienipp.ocx ActiveX control. It delivers a payload through a malicious HTML page with embedded JavaScript to achieve remote code execution.

Description

Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16508

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Novell iPrint Client 4.34
No auth needed
Prerequisites: Victim must visit a malicious webpage · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novelliprint_getdriversettings.rb

This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 4.34 by sending an overly long string to the GetDriverSettings() property of ienipp.ocx, allowing arbitrary code execution. The exploit uses JavaScript to craft a malicious payload and trigger the vulnerability via an ActiveX control.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Novell iPrint Client 4.34
No auth needed
Prerequisites: Victim must visit a malicious web page hosting the exploit · ActiveX controls must be enabled in the victim's browser
devstral-2 · analyzed Feb 19, 2026

References (7)

Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1837/references
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020303
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43085
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/145313
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30709
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/29736

Scores

EPSS 0.7026
EPSS Percentile 98.7%

Details

CWE CWE-119
Status published
Products (1)
novell/iprint_client < 4.35
Published Jun 30, 2008
Tracked Since Feb 18, 2026