Environment
Novell iPrint Client for Windows
Situation
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client Browser Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling plugin parameters.
Resolution
Fix is included in "iPrint Client for Windows XP/Vista/Win7 5.42"
Status
Security AlertAdditional Information
ZDI-CAN-754: "Novell iPrint Client Browser Plugin Remote Code Execution Vulnerability."
This vulnerability was discovered by Ivan Almuina, working with TippingPoint's Zero Day Iniative. CVE-2010-4315.