Attackers can exploit <A HREF="http://www.techworld.com/news/index.cfm?RSS&NewsID=103466">bugs in Novell's iPrint application</A> to obtain corporate information or hijack computers, security experts have warned. Novell has issued a patch that plugs multiple holes in the ActiveX control that Novell ships as part of its iPrint product, but according to Danish bug tracker Secunia, one of the flaws remains unfixed.
Secunia, which reported the bugs to Novell, counted at least eight vulnerabilities in the ActiveX control included with the Windows Vista version of the iPrint client, as well as several other flaws in another Windows Vista iPrint component. iPrint is Novell's implementation of the Internet Printing Protocol (IPP), and lets users use, install and manage printers through the browser. The Vista version of the application ships with Novell's Open Enterprise Server 2 and NetWare 6.5 Support Pack 7.