Lucene search

K

FreeBSD8DD9722C-8E97-11DC-B8F6-001C2514716C

HistoryNov 06, 2007 - 12:00 a.m.

cups -- off-by-one buffer overflow

2007-11-0600:00:00

vuxml.freebsd.org

8

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.092 Low

EPSS

Percentile

94.6%

Secunia reports:

Secunia Research has discovered a vulnerability in CUPS, which can
be exploited by malicious people to compromise a vulnerable
system.
The vulnerability is caused due to a boundary error within the
“ippReadIO()” function in cups/ipp.c when processing IPP (Internet
Printing Protocol) tags. This can be exploited to overwrite one
byte on the stack with a zero by sending an IPP request containing
specially crafted “textWithLanguage” or “nameWithLanguage” tags.
Successful exploitation allows execution of arbitrary code.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchcups-base< 1.3.3_1UNKNOWN

References

secunia.com/secunia_research/2007-76/

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.092 Low

EPSS

Percentile

94.6%

Related for 8DD9722C-8E97-11DC-B8F6-001C2514716C

fedora7 openvas32 osv1 nessus23 debiancve1 cert1 prion1 seebug1 cve1 centos3 securityvulns1 ubuntu1 gentoo1 suse1 redhat3 veracode1 ubuntucve1 debian1 cisco1 slackware1 oraclelinux3