Lucene search

[email protected]CVE-2009-1196

HistoryJun 09, 2009 - 5:30 p.m.

CVE-2009-1196

2009-06-0917:30:10

CWE-399

[email protected]

web.nvd.nist.gov

cups

directory services

denial of service

manipulation

timing

browse packets

cve-2009-1196

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

93.0%

JSON

The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a “pointer use-after-delete flaw.”

Affected configurations

NVD

Node

applecupsMatch1.1.17

applecupsMatch1.1.22

CPENameOperatorVersion
apple:cupsapple cupseq1.1.17
apple:cupsapple cupseq1.1.22

CPE	Name	Operator	Version
apple:cups	apple cups	eq	1.1.17
apple:cups	apple cups	eq	1.1.22

References

secunia.com/advisories/35340

securitytracker.com/id?1022327

www.redhat.com/support/errata/RHSA-2009-1083.html

www.securityfocus.com/bid/35194

www.vupen.com/english/advisories/2009/1488

bugzilla.redhat.com/show_bug.cgi?id=497135

exchange.xforce.ibmcloud.com/vulnerabilities/50944

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.2 High

AI Score

Confidence

High

0.051 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2009-1196

prion1 nvd1 debiancve1 seebug1 cvelist1 veracode1 ubuntucve1 openvas9 redhat1 nessus4 centos1 oraclelinux1 securityvulns1