CVE-2010-1527

Novell iPrint Client <5.44 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Trancer · rubyremotewindows

https://www.exploit-db.com/exploits/15072

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Abysssec · pythonremotewindows

https://www.exploit-db.com/exploits/15042

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novelliprint_callbackurl.rb

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/61220

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/42576

[Vendor Advisory] http://secunia.com/secunia_research/2010-104/

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11973

[Vendor Advisory] http://www.novell.com/support/viewContent.do?externalId=7006679

[Vendor Advisory] http://secunia.com/advisories/40805

Scores

EPSS 0.6115

EPSS Percentile 98.3%

Details

CWE

CWE-119

Status published

Products (15)

novell/iprint 4.26

novell/iprint 4.27

novell/iprint 4.28

novell/iprint 4.30

novell/iprint 4.32

novell/iprint 4.34

novell/iprint 4.36

novell/iprint 4.38

novell/iprint 5.04

novell/iprint 5.12

... and 5 more

Published Aug 23, 2010

Tracked Since Feb 18, 2026