CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-2436

Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) GetPrinterURLList2, or (3) GetFileList2 function in the Novell iPrint ActiveX control in ienipp.ocx.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.186

EPSS Ranking 95.0%

CVSS Severity

CVSS v2 Score 9.3

References

http://secunia.com/advisories/31370
http://secunia.com/secunia_research/2008-33/advisory
http://securityreason.com/securityalert/4228
http://www.securityfocus.com/archive/1/495940/100/0/threaded
http://www.securityfocus.com/bid/30986
http://www.securitytracker.com/id?1020806
http://www.vupen.com/english/advisories/2008/2481
https://exchange.xforce.ibmcloud.com/vulnerabilities/44853
http://secunia.com/advisories/31370
http://secunia.com/secunia_research/2008-33/advisory
http://securityreason.com/securityalert/4228
http://www.securityfocus.com/archive/1/495940/100/0/threaded
http://www.securityfocus.com/bid/30986
http://www.securitytracker.com/id?1020806
http://www.vupen.com/english/advisories/2008/2481
https://exchange.xforce.ibmcloud.com/vulnerabilities/44853

Products affected by CVE-2008-2436

Novell » Iprint Client » Version: 4.26

cpe:2.3:a:novell:iprint_client:4.26
Novell » Iprint Client » Version: 4.32

cpe:2.3:a:novell:iprint_client:4.32
Novell » Iprint Client » Version: 4.35

cpe:2.3:a:novell:iprint_client:4.35
Novell » Iprint Client » Version: 4.36

cpe:2.3:a:novell:iprint_client:4.36
Novell » Iprint Client » Version: 5.06

cpe:2.3:a:novell:iprint_client:5.06

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-2436

Products

Pricing

Contact Us