PT-2010-4553 · Novell+1 · Novell Iprint Client+1
Published: 2010-08-23 · Updated: 2017-09-19 · CVE-2010-3107
CVSS v2.0: 7.1 (High)
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Novell iPrint Client versions prior to 5.42
Description
The issue is related to a logic flaw in the CleanUploadFiles method within the nipplib.dll module of the Novell iPrint Client browser plugin. This flaw, associated with a certain ActiveX control in ienipp.ocx, does not properly restrict the set of files to be deleted. As a result, remote attackers can exploit this to cause a denial of service through recursive file deletion.
Recommendations
For versions prior to 5.42, update to version 5.42 or later to resolve the issue. As a temporary workaround, consider restricting access to the nipplib.dll module or disabling the ActiveX control in ienipp.ocx to minimize the risk of exploitation.
Fix
Weakness Enumeration
Related identifiers
Affected products
Activex
Novell Iprint Client