CVE-2009-1569

Novell iPrint Client 4.38, 5.30 - Stack-Based Buffer Overflow via Date and Time Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-1569. PoCs published by Metasploit, jduck, including Metasploit module exploits/windows/browser/novelliprint_datetime.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.30 via a crafted date/time string passed to the ienipp.ocx ActiveX control. It achieves remote code execution by leveraging a JMP ESP instruction in the vulnerable control.

Description

Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16543

This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.30 via a crafted date/time string passed to the ienipp.ocx ActiveX control. It achieves remote code execution by leveraging a JMP ESP instruction in the vulnerable control.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell iPrint Client 5.30
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novelliprint_datetime.rb

This Metasploit module exploits a stack buffer overflow in Novell iPrint Client 5.30 via a crafted date/time string passed to the ienipp.ocx ActiveX control. It achieves remote code execution by leveraging a JMP ESP instruction in the vulnerable component.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell iPrint Client 5.30
No auth needed
Prerequisites: Victim must visit a malicious web page hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508288/100/0/threaded
Patch, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3429
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37242
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35004
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2009-44/
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37169

Scores

EPSS 0.3752
EPSS Percentile 98.3%

Details

CWE
CWE-119
Status published
Products (2)
novell/iprint 4.38
novell/iprint 5.30
Published Dec 08, 2009
Tracked Since Feb 18, 2026