10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.092 Low
EPSS
Percentile
94.6%
Secunia reports:
Secunia Research has discovered a vulnerability in CUPS, which can
be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is caused due to a boundary error within the
βippReadIO()β function in cups/ipp.c when processing IPP (Internet
Printing Protocol) tags. This can be exploited to overwrite one
byte on the stack with a zero by sending an IPP request containing
specially crafted βtextWithLanguageβ or βnameWithLanguageβ tags.
Successful exploitation allows execution of arbitrary code.