Environment
The vulnerability is caused by a boundary error in the handling of the "target-frame" parameter and can be exploited to cause a stack-based buffer overflow via an overly long parameter value.
Successful exploitation allows execution of arbitrary code when a user visits a malicious website.
Situation
The vulnerability is caused by a boundary error in the parsing of certain time information and can be exploited to cause a stack-based buffer overflow via
overly long strings passed to certain parameters and methods.
Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
Resolution
Fixed in OES2 SP2 January 2010 Scheduled Maintenance 20100130
Status
Security AlertAdditional Information
Found by Secunia Research, SA37169#2: Novell iPrint Client boundary error in the parsing of certain time information