CVE-2011-4186

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.

References

http://www.novell.com/support/viewContent.do?externalId=7008708

http://www.novell.com/support/viewContent.do?externalId=7010145

Details

Source: MITRE

Published: 2012-02-21

Updated: 2012-02-22

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
57890Novell iPrint Client < 5.78 Multiple Code Execution VulnerabilitiesNessusWindows
high
6315Novell iPrint Client < 5.78 Multiple Code Execution VulnerabilitiesNessus Network MonitorWeb Clients
high