CVE-2003-1142
Description
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=4.10
Patches
Vulnerability mechanics
Root cause
"A buffer overflow vulnerability exists in the handling of print job data."
Attack vector
An attacker can send a specially crafted print job to the vulnerable LPD-LPR Print Server. This job contains an oversized buffer that overwrites critical control data on the stack. The exploit then redirects execution to shellcode embedded within the same payload, allowing arbitrary code execution with SYSTEM privileges [ref_id=1].
Affected code
The vulnerability lies within the NIPrint LPD-LPR Print Server, specifically in versions 4.10 and earlier. The exploit code targets a buffer overflow when processing print job data, leading to arbitrary code execution [ref_id=1].
What the fix does
The advisory does not provide specific details on a patch or remediation steps beyond recommending users upgrade to a non-vulnerable version. Therefore, the exact code changes that fix this vulnerability are not detailed.
Preconditions
- inputThe target system must be running NIPrint LPD-LPR Print Server version 4.10 or earlier.
- networkThe attacker must be able to send network traffic to the LPD-LPR Print Server on its listening port (typically 515).
Reproduction
The provided exploit code can be used to reproduce the vulnerability by targeting a vulnerable instance of the NIPrint LPD-LPR Print Server [ref_id=1].
Generated on Jun 6, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- www.securityfocus.com/bid/8969nvdExploitVendor Advisory
- www.securityfocus.com/archive/1/343258nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/13592nvd
News mentions
0No linked articles in our index yet.