PRIOn knowledge basePRION:CVE-2010-0542Null pointer dereference
8.3 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
83.8%
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
References
cups.org/articles.php?L596
cups.org/str.php?L3516
cups.org/strfiles/3516/str3516.patch
lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
secunia.com/advisories/43521
security.gentoo.org/glsa/glsa-201207-10.xml
securitytracker.com/id?1024121
www.debian.org/security/2011/dsa-2176
www.mandriva.com/security/advisories?name=MDVSA-2010:232
www.mandriva.com/security/advisories?name=MDVSA-2010:234
www.securityfocus.com/bid/40943
www.vupen.com/english/advisories/2011/0535
bugzilla.redhat.com/show_bug.cgi?id=587746
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365
Related
8.3 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
83.8%