Lucene search

K

Veracode Vulnerability DatabaseVERACODE:43383

HistorySep 26, 2023 - 7:35 a.m.

Heap Buffer Overflow

2023-09-2607:35:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

41.6%

CUPS is vulnerable to Heap Buffer Overflow. The vulnerability is due to a failure in validating the length provided by an attacker-crafted document leading to buffer overflow and possible code execution.

CPENameOperatorVersion
cups:edgeeq2.4.2-r5
cups:edgeeq2.4.5-r0
cups:edgeeq2.4.4-r0
cups:edgeeq2.4.1-r1
cups:edgeeq2.4.2-r1
cups:edgeeq2.4.6-r0
cups:edgeeq2.4.2-r0
cups:edgeeq2.3.3-r3
cups:edgeeq2.2.12-r2
cups:edgeeq2.3.3-r4

Rows per page:

1-10 of 601

References

github.com/OpenPrinting/cups/releases/tag/v2.4.7

github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h

github.com/OpenPrinting/libppd/commit/d09348b81150df69420848f7b978951e15a6a77b

github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6

lists.debian.org/debian-lts-announce/2023/09/msg00041.html

lists.fedoraproject.org/archives/list/[email protected]/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE/

lists.fedoraproject.org/archives/list/[email protected]/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ/

lists.fedoraproject.org/archives/list/[email protected]/message/AMYDKIE4PSJDEMC5OWNFCDMHFGLJ57XG/

lists.fedoraproject.org/archives/list/[email protected]/message/PXPVADB56NMLJWG4IZ3OZBNJ2ZOLPQJ6/

lists.fedoraproject.org/archives/list/[email protected]/message/T2GSPQAFK2Z6L57TRXEKZDF42K2EVBH7/

takeonme.org/cves/CVE-2023-4504.html

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

3.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

41.6%

Related for VERACODE:43383

nessus29 debiancve1 openvas27 osv4 ubuntu3 slackware1 prion1 cve1 amazon2 fedora5 cbl_mariner1 wolfi1 alpinelinux1 rosalinux1 redhatcve1 ubuntucve1 cgr1 photon2 debian1 mageia1 gentoo1 ibm1