CVE-2009-1569

Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://download.novell.com/Download?buildid=29T3EFRky18~	Patch
http://secunia.com/advisories/35004	Vendor Advisory
http://secunia.com/advisories/37169	Vendor Advisory
http://secunia.com/secunia_research/2009-44/	Vendor Advisory
http://www.securityfocus.com/archive/1/508288/100/0/threaded
http://www.securityfocus.com/bid/37242	Patch
http://www.vupen.com/english/advisories/2009/3429	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:novell:iprint:4.38::client:::::
	cpe:2.3:a:novell:iprint:5.30::client:::::

History

No history.

Information

Published : 2009-12-08 23:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-1569

Mitre link : CVE-2009-1569

CVE.ORG link : CVE-2009-1569

JSON object : View

Products Affected

novell

iprint

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2009-1569", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-12-08T23:30:00.280", "references": [{"url": "http://download.novell.com/Download?buildid=29T3EFRky18~", "tags": ["Patch"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/35004", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/37169", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2009-44/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/508288/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/bid/37242", "tags": ["Patch"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3429", "tags": ["Patch", "Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en Novell iPrint Client v4.38, v5.30, y probablemente otras versiones anteriores a v5.32 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con (1) Date y (2) Time."}], "lastModified": "2018-10-10T19:37:19.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:iprint:4.38:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DEEE521-1D76-4ED8-951E-058D9311C6BC"}, {"criteria": "cpe:2.3:a:novell:iprint:5.30:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1949289F-4AAC-4B6F-8FAE-64BEFC4FB3D8"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}