7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
84.5%
CentOS Errata and Security Advisory CESA-2010:0755
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS “pdftops” filter converts Portable
Document Format (PDF) files to PostScript.
Multiple flaws were discovered in the CUPS “pdftops” filter. An attacker
could create a malicious PDF file that, when printed, would cause “pdftops”
to crash or, potentially, execute arbitrary code as the “lp” user.
(CVE-2010-3702, CVE-2009-3609)
Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the cupsd daemon will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-October/079213.html
https://lists.centos.org/pipermail/centos-announce/2010-October/079214.html
Affected packages:
cups
cups-devel
cups-libs
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0755
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | cups | < 1.1.22-0.rc1.9.32.el4.10 | cups-1.1.22-0.rc1.9.32.el4.10.i386.rpm |
CentOS | 4 | i386 | cups-devel | < 1.1.22-0.rc1.9.32.el4.10 | cups-devel-1.1.22-0.rc1.9.32.el4.10.i386.rpm |
CentOS | 4 | i386 | cups-libs | < 1.1.22-0.rc1.9.32.el4.10 | cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm |
CentOS | 4 | x86_64 | cups | < 1.1.22-0.rc1.9.32.el4.10 | cups-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm |
CentOS | 4 | x86_64 | cups-devel | < 1.1.22-0.rc1.9.32.el4.10 | cups-devel-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm |
CentOS | 4 | i386 | cups-libs | < 1.1.22-0.rc1.9.32.el4.10 | cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm |
CentOS | 4 | x86_64 | cups-libs | < 1.1.22-0.rc1.9.32.el4.10 | cups-libs-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm |