13 matches found
MiracleLinux 3 : cups-1.3.7-8.6.1AXS3 (AXSA:2009-65:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-65:02 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a...
OSV-2024-856 Use-of-uninitialized-value in cups_fill
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69604 Crash type: Use-of-uninitialized-value Crash state: cupsfill cupsFileRead ippReadIO...
Updated cups packages fix a security vulnerability
The updated cups packages fix security vulnerability: Out-of-bounds read in the ippReadIO function CVE-2020-10001...
SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2021:0285-1)
This update for cups fixes the following issues : CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function bsc1180520. CVE-2019-8842: Fixed an out-of-bounds read in an extension field bsc1170671. Note that Tenable Network Security has extracted the preceding description block directl...
SUSE SLES12 Security Update : cups (SUSE-SU-2021:0286-1)
This update for cups fixes the following issues : CVE-2020-10001: Fixed an out-of-bounds read in the ippReadIO function bsc1180520. CVE-2019-8842: Fixed an out-of-bounds read in an extension field bsc1170671. Note that Tenable Network Security has extracted the preceding description block directl...
FreeBSD : CUPS -- memory corruption (ce0c8590-b628-11ea-9d28-3c970ee9157c)
Apple reports : - CVE-2019-8842: The ippReadIO function may under-read an extension. - CVE-2020-3898: The ppdOpen function did not handle invalid UI constraint. ppdcSource::getresolution function did not handle invalid resolution strings. An application may be able to gain elevated privileges. C...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a scheduler request with two consecutive IPPTAGUNSUPPORTED tags...
PT-2009-3531 · Apple +1 · Cups +1
Name of the Vulnerable Software and Affected Versions: CUPS versions prior to 1.3.10 Description: The issue is related to the ippReadIO function in cups/ipp.c, which does not properly initialize memory for IPP request packets. This allows remote attackers to cause a denial of service, resulting i...
cups boundary error
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service crash via a crafted 1 textWithLanguage or 2 nameWithLanguage Internet Printing Protocol IPP tag, leading to a stack-based buffer overflow...
CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow
According to its banner, the version of CUPS installed on the remote host fails to check the text-length field in the 'ippReadIO' function in 'cups/ipp.c'. Using a specially crafted request with an IPP Internet Printing Protocol tag such as 'textWithLanguage' or 'nameWithLanguage' and an overly...
cups boundary error
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service crash via a crafted 1 textWithLanguage or 2 nameWithLanguage Internet Printing Protocol IPP tag, leading to a stack-based buffer overflow...