remote code execution in cups

ID SUSE-SA:2008:015
Type suse
Reporter Suse
Modified 2008-03-19T10:07:43


A heap-overflow in the cgiCompileSearch() function of cups could be exploited by remote attackers to execute arbitrary code. The vulnerable function is used by the web-interface which is only available remotely if the print server shares printers over the network.


There is no known workaround, please install the update packages.