CVE-2008-5231

Description

Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431.

Affected products

• Novell / iprint5.04
• Novell / iprint4.26 – 4.26
• Novell / iprint4.27 – 4.27
• Novell / iprint4.28 – 4.28
• Novell / iprint4.30 – 4.30
• Novell / iprint4.32 – 4.32
• Novell / iprint4.34 – 4.34
• Novell / iprint4.36 – 4.36
• Novell / iprint4.38 – 4.38

References

• MISChttp://secunia.com/secunia_research/2008-27/advisory/
• VENDOR_ADVISORYhttp://secunia.com/advisories/30667
• MISChttp://www.securityfocus.com/bid/30813