‘Novell iPrint op-printer-list-all-jobs url Code Execution Vulnerability’
‘The information has been provided by Ivan Rodriguez Almuina.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-11-181/‘
* Novell iPrint
User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
The fix has been documented as
7008726: Security Vulnerability – Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability TID
2011-04-04 – Vulnerability reported to vendor
2011-06-06 – Coordinated public release of advisory’