← back
CVE-2010-3106

CVE-2010-3106

EPSS 37.3%
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/15073unverifiedexploitdbwww.exploit-db.com/exploits/16492unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://download.novell.com/Download?buildid=ftwZBxEFjIg~http://dvlabs.tippingpoint.com/advisory/TPTI-10-06https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044