Detections
Analytics
Novell iPrint Client < 5.78 Multiple Code Execution Vulnerabilities
high Nessus Network Monitor Plugin ID 6315
Synopsis
The remote host contains an application that is affected by multiple code execution vulnerabilities.Description
The remote host has the Novell iPrint client installed.Versions of Novell iPrint Client earlier than 5.78 are potentially affected one or more of the following vulnerabilities that can allow for arbitrary code execution :
- An unspecified issue exists in the GetDriverSettings realm in nipplib.dll. (CVE-2011-4187)
- An unspecified issue exists in GetPrinterURLList2 in the ActiveX control. (CVE-2011-4185)
- An unspecified issue exists in client-file-name parsing in nipplib.dll. (CVE-2011-4186)
Solution
Upgrade to Novell iPrint Client 5.78 or later.See Also
http://www.novell.com/support/viewContent.do?externalId=7008708
Plugin Details
Severity: High
ID: 6315
Family: Web Clients
Published: 2/9/2012
Updated: 3/6/2019
Nessus ID: 57890
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:novell:iprint
Patch Publication Date: 2/9/2012
Vulnerability Publication Date: 2/9/2012
Reference Information
CVE: CVE-2011-4185, CVE-2011-4186, CVE-2011-4187
BID: 51926