The flaw exists within the nipplib.dll component. When handling the exposed method GetDriverSettings the application assembles a string for logging consisting of the hostname/port provided as a parameter. When building this message the process will blindly copy user supplied data into a fixed-length buffer on the stack.
A buffer overflow vulnerability in Novell iPrint within the handling of functions that take a URI as a parameter allows arbitrary command execution when a user loads a specially crafted web page. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 7 or 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a stack-based buffer overflow vulnerability in the Novell iPrint Client by passing an overly long 'printerUri' parameter to the GetDriverSettings method of the iPrint Client ActiveX component.
This module exploits a vulnerability in the ienipp.ocx control included in the Novell iPrint Client application. The exploit is triggered when the Date Time parameter processes a long string argument resulting in a stack-based buffer overflow. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a stack-based buffer overflow vulnerability in Novell iPrint Client when the vulnerable ienipp.ocx ActiveX component processes an overly long value for the 'call-back-url' parameter.
This module exploits a stack-based buffer overflow in the ienipp.ocx ActiveX Control Debug This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a stack-based buffer overflow in the ienipp.ocx ActiveX Control included in Novell iPrint 4.34. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Vulnerabilities exist within methods exposed by gwcls1.dll which accept pointer and perform operations on the potentially malicious pointer without validation. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Nokia PC Suite is prone to a vulnerability that may allow execution of wintab32.dll if this dll is located in the same folder than .VCF file. The attacker must entice a victim into opening a specially crafted .VCF file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
Nokia Multimedia Player is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .NPL file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.