CVE-2010-3106

Novell iPrint Client <5.42 - RCE

Title source: llm

Description

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16492

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Trancer · rubyremotewindows

https://www.exploit-db.com/exploits/15073

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/novelliprint_executerequest_dbg.rb

View Code ZIP pw:eip

References (3)

[Patch] http://dvlabs.tippingpoint.com/advisory/TPTI-10-06

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044

[Patch] http://download.novell.com/Download?buildid=ftwZBxEFjIg~

Scores

EPSS 0.5577

EPSS Percentile 98.1%

Details

CWE

CWE-20

Status published

Products (14)

novell/iprint 4.26

novell/iprint 4.27

novell/iprint 4.28

novell/iprint 4.30

novell/iprint 4.32

novell/iprint 4.34

novell/iprint 4.36

novell/iprint 4.38

novell/iprint 5.04

novell/iprint 5.12

... and 4 more

Published Aug 23, 2010

Tracked Since Feb 18, 2026