Security Vulnerability - Novell iPrint Client ActiveX GetPrinterURLList2 Remote Code Execution Vulnerability

  • 7010144
  • 09-Feb-2012
  • 26-Apr-2012

Environment

Novell iPrint Client for Windows

Situation

This security vulnerability can lead to memory corruption which can be leveraged to execute code under the context of the process.

Resolution

The fix for this security vulnerability is included in the released "iPrint Client for Windows XP/Vista/Win 7 5.78" patch, available at https://download.novell.com/Download?buildid=ot93emvqm1k~ or later.

Status

Security Alert

Additional Information

ZDI-CAN-1458: Novell iPrint Client ActiveX GetPrinterURLList2 Remote Code Execution Vulnerability. This vulnerability was found by Brian Gorenc, working with TippingPoint's Zero Day Initiative. CVE-2011-4185.