Secunia Research has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused by a boundary error in the handling of the “call-back-url” parameter value for a “op-client-interface-version” operation where the “result-type” parameter is set to “url”. This can be exploited to cause a stack-based buffer overflow via an overly long “call-back-url” parameter value. Successful exploitation allows execution of arbitrary code when a user visits a malicious website. Version 5.42 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/92940/secunia-novelliprint.txt
Source: https://packetstormsecurity.com/files/92940/Novell-iPrint-Client-call-back-url-Buffer-Overflow.html