10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.07 Low
EPSS
Percentile
93.3%
The Common UNIX Printing System (CUPS) is a print spooler.
During a source code audit, Chris Evans discovered a number of integer
overflow bugs that affect Xpdf. CUPS contained a copy of the Xpdf code
used for parsing PDF files and was therefore affected by these bugs. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the
name CAN-2004-0888 to this issue, and Red Hat released erratum
RHSA-2004:543 with updated packages.
It was found that the patch used to correct this issue was not sufficient
and did not fully protect CUPS running on 64-bit architectures. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0206 to this issue.
These updated packages also include a fix that prevents the CUPS
initscript from being accidentally replaced.
All users of CUPS on 64-bit architectures should upgrade to these updated
packages, which contain a corrected patch and are not vulnerable to these
issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | cups-libs | < 1.1.17-13.3.27 | cups-libs-1.1.17-13.3.27.ia64.rpm |
RedHat | any | i386 | cups-libs | < 1.1.17-13.3.27 | cups-libs-1.1.17-13.3.27.i386.rpm |
RedHat | any | ia64 | cups | < 1.1.17-13.3.27 | cups-1.1.17-13.3.27.ia64.rpm |
RedHat | any | ia64 | cups-devel | < 1.1.17-13.3.27 | cups-devel-1.1.17-13.3.27.ia64.rpm |