Novell iPrint Client < 5.32 Multiple Buffer Overflow Vulnerabilities

Medium Nessus Network Monitor Plugin ID 5255


The remote Windows host has an application that is vulnerable to multiple attack vectors.


The installed version of Novell iPrint Client is affected by multiple buffer overflow vulnreabilities :

- A stack-based buffer overflow exists due to insufficient boudnary checks on the 'target-frame' parameter. (CVE-2009-1568)

- A stack-based buffer overflow exists due to insufficient validation of time information. (CVE-2009-1569)


Upgrade to Novell iPrint Client version 5.32 or later.

See Also

Plugin Details

Severity: Medium

ID: 5255

Family: Web Clients

Published: 2009/12/09

Modified: 2016/01/19

Dependencies: 4543

Nessus ID: 43060

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.6

Temporal Score: 5.2


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2009/12/08

Vulnerability Publication Date: 2009/12/08

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (Novell iPrint Client ActiveX Control Date/Time Buffer Overflow)

Reference Information

CVE: CVE-2009-1568, CVE-2009-1569

BID: 37242