Iprint
by Novell
CVEs (36)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-4314 | Hig | 0.57 | 8.8 | 0.03 | Mar 11, 2017 | Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter. | ||
| CVE-2018-14902 | Hig | 0.49 | 7.5 | 0.01 | Aug 30, 2018 | The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents. | ||
| CVE-2008-0935 | 0.08 | — | 0.65 | Feb 25, 2008 | Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method. | |||
| CVE-2010-4321 | 0.06 | — | 0.33 | Dec 30, 2010 | Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method. | |||
| CVE-2010-3106 | 0.06 | — | 0.37 | Aug 23, 2010 | The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a… | |||
| CVE-2010-1527 | 0.06 | — | 0.36 | Aug 23, 2010 | Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. | |||
| CVE-2009-1569 | 0.06 | — | 0.38 | Dec 8, 2009 | Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time. | |||
| CVE-2009-1568 | 0.06 | — | 0.32 | Dec 8, 2009 | Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter. | |||
| CVE-2008-2908 | 0.06 | — | 0.35 | Jun 30, 2008 | Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of… | |||
| CVE-2008-2431 | 0.04 | — | 0.46 | Nov 26, 2008 | Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2)… | |||
| CVE-2014-0599 | 0.00 | — | 0.02 | Jun 18, 2014 | Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-3708 | 0.00 | — | 0.01 | Dec 1, 2013 | The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors. | |||
| CVE-2013-1091 | 0.00 | — | 0.06 | May 2, 2013 | Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-0411 | 0.00 | — | 0.04 | Dec 24, 2012 | Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | |||
| CVE-2011-4187 | 0.00 | — | 0.04 | Feb 21, 2012 | Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. | |||
| CVE-2011-4186 | 0.00 | — | 0.04 | Feb 21, 2012 | Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. | |||
| CVE-2011-4185 | 0.00 | — | 0.03 | Feb 21, 2012 | The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and… | |||
| CVE-2011-1708 | 0.00 | — | 0.06 | Jun 9, 2011 | Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. | |||
| CVE-2011-1707 | 0.00 | — | 0.05 | Jun 9, 2011 | Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. | |||
| CVE-2011-1706 | 0.00 | — | 0.06 | Jun 9, 2011 | Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url. |
- risk 0.57cvss 8.8epss 0.03
Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter.
- risk 0.49cvss 7.5epss 0.01
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.
- CVE-2008-0935Feb 25, 2008risk 0.08cvss —epss 0.65
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.
- CVE-2010-4321Dec 30, 2010risk 0.06cvss —epss 0.33
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.
- CVE-2010-3106Aug 23, 2010risk 0.06cvss —epss 0.37
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a…
- CVE-2010-1527Aug 23, 2010risk 0.06cvss —epss 0.36
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
- CVE-2009-1569Dec 8, 2009risk 0.06cvss —epss 0.38
Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.
- CVE-2009-1568Dec 8, 2009risk 0.06cvss —epss 0.32
Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter.
- CVE-2008-2908Jun 30, 2008risk 0.06cvss —epss 0.35
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of…
- CVE-2008-2431Nov 26, 2008risk 0.04cvss —epss 0.46
Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2)…
- CVE-2014-0599Jun 18, 2014risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2013-3708Dec 1, 2013risk 0.00cvss —epss 0.01
The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors.
- CVE-2013-1091May 2, 2013risk 0.00cvss —epss 0.06
Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
- CVE-2012-0411Dec 24, 2012risk 0.00cvss —epss 0.04
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
- CVE-2011-4187Feb 21, 2012risk 0.00cvss —epss 0.04
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.
- CVE-2011-4186Feb 21, 2012risk 0.00cvss —epss 0.04
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
- CVE-2011-4185Feb 21, 2012risk 0.00cvss —epss 0.03
The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and…
- CVE-2011-1708Jun 9, 2011risk 0.00cvss —epss 0.06
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.
- CVE-2011-1707Jun 9, 2011risk 0.00cvss —epss 0.05
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.
- CVE-2011-1706Jun 9, 2011risk 0.00cvss —epss 0.06
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.
Page 1 of 2