[email protected]CVE-2008-1374

HistoryApr 04, 2008 - 12:44 a.m.

CVE-2008-1374

2008-04-0400:44:00

CWE-190

[email protected]

web.nvd.nist.gov

cups

pdftops

rhel

integer overflow

remote code execution

pdf

incomplete fix

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.

CPENameOperatorVersion
apple:cupsapple cupsle1.3.11

CPE	Name	Operator	Version
apple:cups	apple cups	le	1.3.11

References

secunia.com/advisories/29630

secunia.com/advisories/31388

wiki.rpath.com/wiki/Advisories:rPSA-2008-0245

www.redhat.com/support/errata/RHSA-2008-0206.html

www.securityfocus.com/archive/1/495164/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/41758

issues.rpath.com/browse/RPL-2390

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636

Social References

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Related for CVE-2008-1374

prion1 ubuntucve4 debiancve4 centos2 redhat10 openvas30 nessus47 oraclelinux2 debian6 osv3 securityvulns4 gentoo4 ubuntu2 cve3 freebsd1 suse3