CVE-2010-3106

{"id": "CVE-2010-3106", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-08-23T22:00:03.393", "references": [{"url": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044", "source": "cve@mitre.org"}, {"url": "http://download.novell.com/Download?buildid=ftwZBxEFjIg~", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-06", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12044", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method."}, {"lang": "es", "value": "El control ActiveX ienipp.ocx en el plugin para el navegador en el cliente de Novell iPrint antes de v5.42 no valida correctamente el par\u00e1metro debug, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria de pila) a trav\u00e9s de un par\u00e1metro value con una longitud modificada a mano. Se trata de una vulnerabilidad relacionada con el m\u00e9todo ExecuteRequest."}], "lastModified": "2024-11-21T01:18:02.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:novell:iprint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "583C6EB4-A372-4B15-8B3A-09A0D778ECA3", "versionEndIncluding": "5.40"}, {"criteria": "cpe:2.3:a:novell:iprint:4.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3332CB43-D2ED-4720-8ED4-AE222C6F7FF3"}, {"criteria": "cpe:2.3:a:novell:iprint:4.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9AD9057-2218-481E-96CB-BF568AD3A9F2"}, {"criteria": "cpe:2.3:a:novell:iprint:4.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D044326-00CB-4158-A652-7D7FBDB380C7"}, {"criteria": "cpe:2.3:a:novell:iprint:4.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BDA0CD3-3E49-42E9-8D41-2B93FEE53610"}, {"criteria": "cpe:2.3:a:novell:iprint:4.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAB01661-76E1-4181-A798-6325EFD681FE"}, {"criteria": "cpe:2.3:a:novell:iprint:4.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16769BC0-66AE-4AA3-B504-03389717A56D"}, {"criteria": "cpe:2.3:a:novell:iprint:4.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25B2994C-8E01-4E7B-A5CA-9F9BE4C634C7"}, {"criteria": "cpe:2.3:a:novell:iprint:4.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCCA90D8-A320-43B0-A667-DAFC0D00924F"}, {"criteria": "cpe:2.3:a:novell:iprint:5.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F12CAA5-6C37-4FBA-BA41-03C7F81AE6BE"}, {"criteria": "cpe:2.3:a:novell:iprint:5.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA3CFFD-8D4B-4BEC-934A-7E5D18F87807"}, {"criteria": "cpe:2.3:a:novell:iprint:5.20b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2A31E77-BFE6-4F54-9839-8323F8E4995E"}, {"criteria": "cpe:2.3:a:novell:iprint:5.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E8EC466-1CA2-4D8E-8D3F-F1246DC1850B"}, {"criteria": "cpe:2.3:a:novell:iprint:5.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27533465-909A-4300-A713-36924FB330CA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}