CVE-2010-3106

Name of the Vulnerable Software and Affected Versions Novell iPrint Client versions prior to 5.42

Description The issue is related to the ienipp.ocx ActiveX control in the browser plugin, which does not properly validate the debug parameter. This allows remote attackers to execute arbitrary code or cause a denial of service due to stack memory corruption by providing a parameter value with a crafted length, related to the ExecuteRequest method.

Recommendations For versions prior to 5.42, update to version 5.42 or later to resolve the issue. As a temporary workaround, consider disabling the ExecuteRequest method until a patch is available. Restrict access to the ienipp.ocx ActiveX control to minimize the risk of exploitation. Avoid using the debug parameter in the affected ActiveX control until the issue is resolved.