remote code execution in cups

2008-03-19T10:07:43
ID SUSE-SA:2008:015
Type suse
Reporter Suse
Modified 2008-03-19T10:07:43

Description

A heap-overflow in the cgiCompileSearch() function of cups could be exploited by remote attackers to execute arbitrary code. The vulnerable function is used by the web-interface which is only available remotely if the print server shares printers over the network.

Solution

There is no known workaround, please install the update packages.