Security Vulnerability - Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability

  • 7006678
  • 19-Aug-2010
  • 26-Apr-2012

Environment

Novell iPrint Client for Windows

Situation

This vulnerability allows remote attackers to delete all files on a system with a vulnerable installation of the Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.

Resolution

Fix is included in "iPrint Client for Windows XP/Vista/Win7 5.42"

Status

Security Alert

Additional Information

ZDI-CAN-867: "Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability." This vulnerability was discovered by Aaron Portnoy, TippingPoint DVLabs. CVE -2010-4319.