CVE-2010-3106

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://download.novell.com/Download?buildid=ftwZBxEFjIg~	Patch
http://dvlabs.tippingpoint.com/advisory/TPTI-10-06	Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:novell:iprint::::::::
	cpe:2.3:a:novell:iprint:4.26:::::::*
	cpe:2.3:a:novell:iprint:4.27:::::::*
	cpe:2.3:a:novell:iprint:4.28:::::::*
	cpe:2.3:a:novell:iprint:4.30:::::::*
	cpe:2.3:a:novell:iprint:4.32:::::::*
	cpe:2.3:a:novell:iprint:4.34:::::::*
	cpe:2.3:a:novell:iprint:4.36:::::::*
	cpe:2.3:a:novell:iprint:4.38:::::::*
	cpe:2.3:a:novell:iprint:5.04:::::::*
	cpe:2.3:a:novell:iprint:5.12:::::::*
	cpe:2.3:a:novell:iprint:5.20b:::::::*
	cpe:2.3:a:novell:iprint:5.30:::::::*
	cpe:2.3:a:novell:iprint:5.32:::::::*

History

No history.

Information

Published : 2010-08-23 22:00

Updated : 2024-02-04 17:54

NVD link : CVE-2010-3106

Mitre link : CVE-2010-3106

CVE.ORG link : CVE-2010-3106

JSON object : View

Products Affected

novell

iprint

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2010-3106", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-08-23T22:00:03.393", "references": [{"url": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method."}, {"lang": "es", "value": "El control ActiveX ienipp.ocx en el plugin para el navegador en el cliente de Novell iPrint antes de v5.42 no valida correctamente el par\u00e1metro debug, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria de pila) a trav\u00e9s de un par\u00e1metro value con una longitud modificada a mano. Se trata de una vulnerabilidad relacionada con el m\u00e9todo ExecuteRequest."}], "lastModified": "2017-09-19T01:31:12.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:iprint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "583C6EB4-A372-4B15-8B3A-09A0D778ECA3", "versionEndIncluding": "5.40"}, {"criteria": "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3332CB43-D2ED-4720-8ED4-AE222C6F7FF3"}, {"criteria": "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9AD9057-2218-481E-96CB-BF568AD3A9F2"}, {"criteria": "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D044326-00CB-4158-A652-7D7FBDB380C7"}, {"criteria": "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BDA0CD3-3E49-42E9-8D41-2B93FEE53610"}, {"criteria": "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAB01661-76E1-4181-A798-6325EFD681FE"}, {"criteria": "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16769BC0-66AE-4AA3-B504-03389717A56D"}, {"criteria": "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25B2994C-8E01-4E7B-A5CA-9F9BE4C634C7"}, {"criteria": "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCCA90D8-A320-43B0-A667-DAFC0D00924F"}, {"criteria": "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F12CAA5-6C37-4FBA-BA41-03C7F81AE6BE"}, {"criteria": "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA3CFFD-8D4B-4BEC-934A-7E5D18F87807"}, {"criteria": "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2A31E77-BFE6-4F54-9839-8323F8E4995E"}, {"criteria": "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E8EC466-1CA2-4D8E-8D3F-F1246DC1850B"}, {"criteria": "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27533465-909A-4300-A713-36924FB330CA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}