14 matches found
MiracleLinux 3 : cups-1.3.7-8.6.1AXS3 (AXSA:2009-65:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-65:02 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a...
OSV-2024-856 Use-of-uninitialized-value in cups_fill
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69604 Crash type: Use-of-uninitialized-value Crash state: cupsfill cupsFileRead ippReadIO...
The vulnerability of the ippReadIO function in the cups/ipp.c component of the printing server’s CUPS software lies in the lack of input validation mechanisms. This allows attackers to access confidential information.
The vulnerability of the ippReadIO function in the cups/ipp.c component of the printing server CUPS is related to the lack of a mechanism for checking input data. Exploiting this vulnerability allows an attacker to gain access to confidential information remotely...
Updated cups packages fix a security vulnerability
The updated cups packages fix security vulnerability: Out-of-bounds read in the ippReadIO function CVE-2020-10001...
SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2021:0285-1)
This update for cups fixes the following issues : CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function bsc1180520. CVE-2019-8842: Fixed an out-of-bounds read in an extension field bsc1170671. Note that Tenable Network Security has extracted the preceding description block directl...
SUSE SLES12 Security Update : cups (SUSE-SU-2021:0286-1)
This update for cups fixes the following issues : CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function bsc1180520. CVE-2019-8842: Fixed an out-of-bounds read in an extension field bsc1170671. Note that Tenable Network Security has extracted the preceding description block directl...
FreeBSD : CUPS -- memory corruption (ce0c8590-b628-11ea-9d28-3c970ee9157c)
Apple reports : - CVE-2019-8842: The ippReadIO function may under-read an extension. - CVE-2020-3898: The ppdOpen function did not handle invalid UI constraint. ppdcSource::getresolution function did not handle invalid resolution strings. An application may be able to gain elevated privileges. C...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
PT-2009-3531 · Apple +1 · Cups +1
Name of the Vulnerable Software and Affected Versions: CUPS versions prior to 1.3.10 Description: The issue is related to the ippReadIO function in cups/ipp.c, which does not properly initialize memory for IPP request packets. This allows remote attackers to cause a denial of service, resulting i...
cups boundary error
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service crash via a crafted 1 textWithLanguage or 2 nameWithLanguage Internet Printing Protocol IPP tag, leading to a stack-based buffer overflow...
CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow
According to its banner, the version of CUPS installed on the remote host fails to check the text-length field in the 'ippReadIO' function in 'cups/ipp.c'. Using a specially crafted request with an IPP Internet Printing Protocol tag such as 'textWithLanguage' or 'nameWithLanguage' and an overly...
cups boundary error
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service crash via a crafted 1 textWithLanguage or 2 nameWithLanguage Internet Printing Protocol IPP tag, leading to a stack-based buffer overflow...