Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-5849HistoryDec 19, 2007 - 9:46 p.m.
CVE-2007-5849
2007-12-1921:46:00
Debian Security Bug Tracker
security-tracker.debian.org
11
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.429 Medium
EPSS
Percentile
97.3%
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | <Β 1.3.5-1 | cups_1.3.5-1_all.deb |
| Debian | 11 | all | cups | <Β 1.3.5-1 | cups_1.3.5-1_all.deb |
| Debian | 10 | all | cups | <Β 1.3.5-1 | cups_1.3.5-1_all.deb |
| Debian | 999 | all | cups | <Β 1.3.5-1 | cups_1.3.5-1_all.deb |
| Debian | 13 | all | cups | <Β 1.3.5-1 | cups_1.3.5-1_all.deb |
Related
seebug
seebug
CUPS SNMPεη«―asn1_get_string()ε½ζ°θΏη¨ζ ζΊ’εΊζΌζ΄
2008-01-04 00:00:00
Apple Mac OS X v10.5.1 2007-009 Multiple Security Vulnerabilities
2008-01-06 00:00:00
ubuntucve
ubuntucve
CVE-2007-5849
2007-12-19 00:00:00
nessus
nessus
CUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote Overflow
2007-12-19 00:00:00
openSUSE 10 Security Update : cups (cups-4806)
2008-01-10 00:00:00
Debian DSA-1437-1 : cupsys - several vulnerabilities
2007-12-27 00:00:00
cve
cve
CVE-2007-5849
2007-12-19 21:46:00
prion
prion
Integer overflow
2007-12-19 21:46:00
openvas
openvas
SuSE Update for cups SUSE-SA:2008:002
2009-01-23 00:00:00
Ubuntu Update for cupsys vulnerabilities USN-563-1
2009-03-23 00:00:00
Debian Security Advisory DSA 1437-1 (cupsys)
2008-01-17 00:00:00
osv
osv
cupsys
2007-12-26 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2008-01-09 00:00:00
suse
suse
remote code execution in cups
2008-01-10 16:51:00
debian
debian
[SECURITY] [DSA 1437-1] New cupsys packages fix several vulnerabilities
2007-12-26 13:20:33
gentoo
gentoo
CUPS: Multiple vulnerabilities
2007-12-18 00:00:00
AMD64 x86 emulation base libraries: Multiple vulnerabilities
2014-12-12 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.429 Medium
EPSS
Percentile
97.3%
Related for DEBIANCVE:CVE-2007-5849