131136 : Novell IPrint Control ActiveX (ienipp.ocx) ExecuteRequest() Method Overflow

Risk 5 : Windows

The remote host contains the iPrint Control ActiveX control distributed with Novell iPrint Client.

The installed version of that control reportedly contains a buffer overflow that can be triggered by passing an argument longer than 256 bytes to the 'ExecuteRequest' method. If a remote attacker can trick a user on the affected host into visiting a specially-crafted web page, he may be able to leverage this issue to execute arbitrary code on the affected host subject to the user's privileges.

Upgrade to Novell iPrint Client for Windows 4.34 or later and ensure the control has a file version of or higher.
CVSS Information:
Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Tenable : 2009-12-04
New Search
Risk Factor
Start Date
End Date