SUSE CVE-2008-3640

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow...

SUSE CVE-2009-0577

Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux RHEL 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for...

SUSE CVE-2010-0542

The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service NULL pointer dereference or heap memory corruption or possibly execute arbitrar...

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. An integer overflow flaw leading to a heap buffer overflow was discovered in the Text-to-PostScript "texttops" filter. An attacker could create a malicious text file that could, possibly, execute arbitrary code as the "lp" user if the file was print...

Slackware: Security Advisory (SSA:2008-312-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE9 Security Update : CUPS (YOU Patch Number 12665)

This update fixes the following vulnerabilities in cups : - A specially crafted PDF file could crash the pdftops potentially even cause execution of arbitrary code. CVE-2010-3702: CVSS v2 Base Score: 5.8. CVE-2010-3702 - A NULL pointer dereference issue exists in the WriteProlog function of...

SuSE 11 / 11.1 Security Update : CUPS (SAT Patch Numbers 3575 / 3576)

This updates fix several bugs, but only the security fixes are listed here : - Special IPP requests allow to crash cupsd remotely. CVE-2010-2941: CVSS v2 Base Score: 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P: CWE-399 - A NULL pointer dereference exists in the WriteProlog function of the texttops image filte...

DEBIAN-CVE-2010-0542

The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service NULL pointer dereference or heap memory corruption or possibly execute arbitrar...

CVE-2010-0542

The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service NULL pointer dereference or heap memory corruption or possibly execute arbitrar...

CUPS texttops过滤器空指针引用漏洞

BUGTRAQ ID: 40943 CVE ID: CVE-2010-0542 Common Unix Printing System（CUPS）是一款通用Unix打印系统，是Unix环境下的跨平台打印解决方案，基于Internet打印协议，提供大多数 PostScript和raster打印机服务。 CUPS的texttops过滤器中缺少内存分配失败检查导致了空指针引用。攻击者可以创建恶意的文本文件，如果打印了该文件就会导致texttops崩溃或以lp用户权限执行任意代码。 Easy Software Products CUPS 1.4.4 厂商补丁： Easy Software...

CUPS: texttops unchecked memory allocation failure leading to NULL pointer dereference

The WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service NULL pointer dereference or heap memory corruption or possibly execute arbitrar...

SuSE9 Security Update : CUPS (YOU Patch Number 12261)

Specially crafted print jobs could trigger buffer overflows in the 'imagetops', 'texttops' and 'hpgltops' filters. Attackers could potentially exploit that to execute arbitrary code on the cups server. CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : cupsys vulnerabilities (USN-656-1)

It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. CVE-2008-3639 It was discovered that the texttops filter in CUPS did not properly...

PT-2009-3224 · Apple · Cups

Name of the Vulnerable Software and Affected Versions: CUPS version 1.1.17 Description: The issue is caused by an integer overflow in the WriteProlog function in texttops, which can be exploited by remote attackers to execute arbitrary code. This is achieved by sending a crafted PostScript file...

Cups multiple security vulnerabilities

Multiple integer overflows and heap buffer overflows in imagetops and texttops...

USN-656-1: CUPS vulnerabilities

It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. CVE-2008-3639 It was discovered that the texttops filter in CUPS did not properly...

DEBIAN-CVE-2008-3640

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow...

CUPS: texttops integer overflow

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow...

CUPS < 1.3.9 Multiple Vulnerabilities

According to its banner, the version of CUPS installed on the remote host is earlier than 1.3.9. Such versions are affected by several issues : - The HP-GL/2 filter does not adequately check the ranges on the pen width and pen color opcodes that allows an attacker to overwrite memory addresses wi...

openSUSE 10 Security Update : cups (cups-5652)

Specially crafted print jobs could trigger buffer overflows in the 'imagetops', 'texttops' and 'hpgltops' filters. Attackers could potentially exploit that to execute arbitrary code on the cups server CVE-2008-3639, CVE-2008-3640, CVE-2008-3641. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...