CVE-2008-2908

Name of the Vulnerable Software and Affected Versions Novell iPrint Client for Windows versions prior to 4.36

Description The issue is related to multiple stack-based buffer overflows in a certain ActiveX control. Remote attackers can execute arbitrary code by providing a long value for certain parameters. The parameters operation, printer-url, and target-frame are affected.

Recommendations For versions prior to 4.36, update to version 4.36 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected ActiveX control in ienipp.ocx until the update is applied. Avoid using long values for the operation, printer-url, and target-frame parameters in the affected API endpoints until the issue is resolved.