Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
AppleCups

16 matches found

CVE
CVEadded 2010/06/21 4:30 p.m.109 views

CVE-2010-0542

The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitra...

6.8CVSS8.8AI score0.04413EPSS
CVE
CVEadded 2009/01/27 8:30 p.m.98 views

CVE-2009-0032

CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.

6.9CVSS6.2AI score0.00033EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.94 views

CVE-2009-1180

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

6.8CVSS7.8AI score0.0199EPSS
CVE
CVEadded 2015/02/19 3:59 p.m.91 views

CVE-2014-9679

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.

6.8CVSS7.6AI score0.05457EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.88 views

CVE-2009-0163

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filt...

6.8CVSS7.9AI score0.05696EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.82 views

CVE-2009-1179

Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

6.8CVSS7.8AI score0.05331EPSS
CVE
CVEadded 2007/07/30 11:17 p.m.80 views

CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that trigg...

6.8CVSS7.9AI score0.11401EPSS
CVE
CVEadded 2008/10/14 9:10 p.m.79 views

CVE-2008-3640

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.

6.8CVSS7.9AI score0.11527EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.79 views

CVE-2009-0800

Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

6.8CVSS7.7AI score0.05252EPSS
CVE
CVEadded 2009/04/24 3:30 p.m.74 views

CVE-2009-0164

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.

6.4CVSS7.2AI score0.04048EPSS
CVE
CVEadded 2009/06/09 5:30 p.m.65 views

CVE-2009-0791

Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that trigger...

6.8CVSS8.1AI score0.05331EPSS
CVE
CVEadded 2008/04/04 12:44 a.m.61 views

CVE-2008-1374

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.

6.8CVSS7.6AI score0.04443EPSS
CVE
CVEadded 2010/03/05 7:30 p.m.61 views

CVE-2010-0393

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with f...

6.9CVSS7.3AI score0.0008EPSS
CVE
CVEadded 2008/12/08 11:30 p.m.60 views

CVE-2008-5377

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.

6.9CVSS7.2AI score0.0019EPSS
CVE
CVEadded 2009/02/20 7:30 p.m.55 views

CVE-2009-0577

Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3...

6.8CVSS8AI score0.11527EPSS
CVE
CVEadded 2009/04/23 5:30 p.m.54 views

CVE-2009-0195

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

6.8CVSS7.8AI score0.10286EPSS