7.1

CVE-2010-3107

EPSS 3.39%
Published 23.08.2010 22:00:03
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Iprint Version <= 5.40

Novell ≫ Iprint Version4.26

Novell ≫ Iprint Version4.27

Novell ≫ Iprint Version4.28

Novell ≫ Iprint Version4.30

Novell ≫ Iprint Version4.32

Novell ≫ Iprint Version4.34

Novell ≫ Iprint Version4.36

Novell ≫ Iprint Version4.38

Novell ≫ Iprint Version5.04

Novell ≫ Iprint Version5.12

Novell ≫ Iprint Version5.20b

Novell ≫ Iprint Version5.30

Novell ≫ Iprint Version5.32

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.39%	0.862

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

http://download.novell.com/Download?buildid=ftwZBxEFjIg~

Patch

http://dvlabs.tippingpoint.com/advisory/TPTI-10-05

Patch

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12074

https://nvd.nist.gov/vuln/detail/CVE-2010-3107

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3107

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3107

EUVD