Lucene search
FreeBSDBF1D9331-21B6-11E5-86FF-14DAE9D210B8HistoryJul 03, 2015 - 12:00 a.m.
cups-filters -- texttopdf integer overflow
2015-07-0300:00:00
vuxml.freebsd.org
23
0.073 Low
EPSS
Percentile
94.0%
Stefan Cornelius from Red Hat reports:
An integer overflow flaw leading to a heap-based buffer overflow was
discovered in the way the texttopdf utility of cups-filter processed
print jobs with a specially crafted line size. An attacker being able
to submit print jobs could exploit this flaw to crash texttopdf or,
possibly, execute arbitrary code with the privileges of the ‘lp’ user.
Tim Waugh reports:
The Page allocation is moved into textcommon.c, where it does all the
necessary checking: lower-bounds for CVE-2015-3258 and upper-bounds
for CVE-2015-3259 due to integer overflows for the calloc() call
initializing Page[0] and the memset() call in texttopdf.c’s
WritePage() function zeroing the entire array.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | cups-filters | < 1.0.71 | UNKNOWN |
Related
nessus
nessus
FreeBSD : cups-filters -- texttopdf integer overflow (bf1d9331-21b6-11e5-86ff-14dae9d210b8)
2015-07-06 00:00:00
GLSA-201510-08 : cups-filters: Multiple vulnerabilities
2015-11-02 00:00:00
RHEL 7 : cups-filters (RHSA-2015:2360)
2015-11-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 3303-1 (cups-filters - security update)
2015-07-07 00:00:00
Mageia: Security Advisory (MGASA-2015-0270)
2015-10-15 00:00:00
RedHat Update for cups-filters RHSA-2015:2360-01
2015-11-20 00:00:00
redhat
redhat
debian
debian
[SECURITY] [DSA 3303-1] cups-filters security update
2015-07-07 13:32:24
[SECURITY] [DLA 314-1] cups security update
2015-09-24 17:46:15
[SECURITY] [DSA 3414-1] xen security update
2015-12-09 20:43:34
centos
centos
cups security update
2015-11-30 19:26:34
fedora
fedora
[SECURITY] Fedora 22 Update: cups-filters-1.0.71-1.fc22
2015-07-14 15:44:56
[SECURITY] Fedora 21 Update: cups-filters-1.0.71-1.fc21
2015-07-18 02:09:37
[SECURITY] Fedora 22 Update: xen-4.5.1-2.fc22
2015-07-19 01:58:20
securityvulns
securityvulns
[SECURITY] [DSA 3303-1] cups-filters security update
2015-07-13 00:00:00
cups-filters buffer overflow
2015-07-13 00:00:00
osv
osv
cups-filters - security update
2015-07-07 00:00:00
gentoo
gentoo
cups-filters: Multiple vulnerabilities
2015-10-31 00:00:00
Xen: Multiple vulnerabilities
2016-04-05 00:00:00
ubuntu
ubuntu
cups-filters vulnerabilities
2015-07-06 00:00:00
mageia
mageia
Updated cups-filters package fixes security vulnerability
2015-07-09 01:03:02
Updated xen packages fix security vulnerabilities
2016-03-07 14:20:30
oraclelinux
oraclelinux
cups-filters security, bug fix, and enhancement update
2015-11-23 00:00:00
prion
prion
Integer overflow
2015-07-14 16:59:00
Heap overflow
2015-07-14 16:59:00
Stack overflow
2015-07-16 14:59:00
debiancve
debiancve
ubuntucve
ubuntucve
cvelist
cvelist
freebsd
freebsd
cups-filters -- buffer overflow in texttopdf size allocation
2015-06-26 00:00:00
xen-tools -- xl command line config handling stack overflow
2015-07-07 00:00:00
cve
cve
xen
xen
xl command line config handling stack overflow
2015-07-07 12:00:00
suse
suse
Security update for xen (important)
2015-07-28 11:09:21
Security update for xen (important)
2015-07-27 19:08:40
Security update for xen (important)
2015-09-02 19:09:33