Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-2431

Published: 26/11/2008 Updated: 08/08/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Iprint

Vulnerability Summary

Multiple buffer overflows in Novell iPrint Client prior to 5.06 allow remote malicious users to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method.

Vulnerable Product Search on Vulmon Subscribe to Product

novell iprint 4.27

novell iprint 4.30

novell iprint

novell iprint 4.34

novell iprint 4.38

novell iprint 4.36

novell iprint 4.26

novell iprint 4.32

novell iprint 4.28

Vendor Advisories

Check Point Security Alerts: Novell iPrint Buffer Overflow (CVE-2008-2431)
Check Point Reference: CPAI-2008-0475 Date Published: 26 Nov 2023 Severity: High ...

References

CWE-119http://secunia.com/secunia_research/2008-27/advisory/http://secunia.com/advisories/30667http://www.securityfocus.com/bid/30813https://exchange.xforce.ibmcloud.com/vulnerabilities/44616https://nvd.nist.govhttps://advisories.checkpoint.com/defense/advisories/public/2023/cpai-2008-0475.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook