Security update for Novell iPrint
Novell has released a security update for iPrint that closes several security holes. According to Secunia, the enipp.ocx ActiveX control contains errors that can be exploited remotely to inject and execute code in a client system. All of the errors are based on buffer overflows and are caused, for instance, when excessively long arguments are processed.
Secunia identified the security holes in versions 4.36 and 5.04, but other versions could be affected as well. The update is apparently only available for Vista 5.06 – users might have to upgrade to this version first before installing the patch.
See also:
- Novell iPrint Client for Windows Vista 5.06, Novell update description.
- Novell iPrint Client ActiveX Control Multiple Vulnerabilities, Secunia error report.
(trk)