Vulnerabilites related to apple - cups
CVE-2008-3639 (GCVE-0-2008-3639)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 09:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11464",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464"
},
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L2918"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32292"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "1021033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021033"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33085"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "cups-readrle16-bo(45789)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "20081009 Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11464",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464"
},
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L2918"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32292"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "1021033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021033"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33085"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "cups-readrle16-bo(45789)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "20081009 Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11464",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464"
},
{
"name": "261088",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33111"
},
{
"name": "http://www.cups.org/str.php?L2918",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L2918"
},
{
"name": "32292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32292"
},
{
"name": "ADV-2009-1568",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "1021033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021033"
},
{
"name": "FEDORA-2008-8844",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33085"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "cups-readrle16-bo(45789)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"name": "32226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "20081009 Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"name": "http://www.cups.org/articles.php?L575",
"refsource": "CONFIRM",
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3639",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-08-12T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3387 (GCVE-0-2007-3387)
Vulnerability from cvelistv5
Published
2007-07-30 23:00
Modified
2024-08-07 14:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:13.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2007:0730",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0730.html"
},
{
"name": "USN-496-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-496-1"
},
{
"name": "DSA-1355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1355"
},
{
"name": "ADV-2007-2705",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2705"
},
{
"name": "SUSE-SR:2007:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html"
},
{
"name": "MDKSA-2007:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1596"
},
{
"name": "MDKSA-2007:165",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:165"
},
{
"name": "26307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26307"
},
{
"name": "MDKSA-2007:158",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:158"
},
{
"name": "DSA-1350",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1350"
},
{
"name": "20070814 FLEA-2007-0045-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/476519/30/5400/threaded"
},
{
"name": "26468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26468"
},
{
"name": "20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/476508/100/0/threaded"
},
{
"name": "26982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26982"
},
{
"name": "26254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26254"
},
{
"name": "26370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26370"
},
{
"name": "DSA-1348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1348"
},
{
"name": "26325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26325"
},
{
"name": "26413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26413"
},
{
"name": "DSA-1352",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1352"
},
{
"name": "GLSA-200710-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml"
},
{
"name": "DSA-1354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1604"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=535497"
},
{
"name": "USN-496-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-496-2"
},
{
"name": "MDKSA-2007:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20070730-1.txt"
},
{
"name": "RHSA-2007:0731",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0731.html"
},
{
"name": "40127",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40127"
},
{
"name": "26862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26862"
},
{
"name": "GLSA-200805-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "26281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26281"
},
{
"name": "RHSA-2007:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0720.html"
},
{
"name": "GLSA-200709-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-12.xml"
},
{
"name": "25124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25124"
},
{
"name": "26514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26514"
},
{
"name": "26467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26467"
},
{
"name": "SSA:2007-316-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
},
{
"name": "26432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26432"
},
{
"name": "26410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26410"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=187139"
},
{
"name": "26607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26607"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm"
},
{
"name": "30168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30168"
},
{
"name": "26358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26358"
},
{
"name": "26365",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26365"
},
{
"name": "26627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26627"
},
{
"name": "26293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26293"
},
{
"name": "26283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26283"
},
{
"name": "MDKSA-2007:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:159"
},
{
"name": "27308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27308"
},
{
"name": "MDKSA-2007:160",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:160"
},
{
"name": "DSA-1357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1357"
},
{
"name": "GLSA-200709-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-17.xml"
},
{
"name": "26403",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26403"
},
{
"name": "RHSA-2007:0732",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0732.html"
},
{
"name": "DSA-1349",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1349"
},
{
"name": "26251",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26251"
},
{
"name": "oval:org.mitre.oval:def:11149",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149"
},
{
"name": "26292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26292"
},
{
"name": "MDKSA-2007:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:161"
},
{
"name": "26342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26342"
},
{
"name": "26257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26257"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194"
},
{
"name": "26395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26395"
},
{
"name": "SSA:2007-222-05",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.423670"
},
{
"name": "MDKSA-2007:162",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:162"
},
{
"name": "GLSA-200711-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "1018473",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018473"
},
{
"name": "RHSA-2007:0729",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0729.html"
},
{
"name": "26188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26188"
},
{
"name": "26278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26278"
},
{
"name": "26425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26425"
},
{
"name": "GLSA-200710-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-20.xml"
},
{
"name": "ADV-2007-2704",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch"
},
{
"name": "DSA-1347",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1347"
},
{
"name": "RHSA-2007:0735",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0735.html"
},
{
"name": "20070816 FLEA-2007-0046-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/476765/30/5340/threaded"
},
{
"name": "27281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27281"
},
{
"name": "20070801-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.foresightlinux.org/browse/FL-471"
},
{
"name": "26436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26436"
},
{
"name": "26343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26343"
},
{
"name": "26407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26407"
},
{
"name": "26255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26255"
},
{
"name": "27156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27156"
},
{
"name": "26318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26318"
},
{
"name": "26470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26470"
},
{
"name": "SUSE-SR:2007:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name": "26297",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26297"
},
{
"name": "26405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26405"
},
{
"name": "27637",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27637"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2007:0730",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0730.html"
},
{
"name": "USN-496-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-496-1"
},
{
"name": "DSA-1355",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1355"
},
{
"name": "ADV-2007-2705",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2705"
},
{
"name": "SUSE-SR:2007:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html"
},
{
"name": "MDKSA-2007:164",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1596"
},
{
"name": "MDKSA-2007:165",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:165"
},
{
"name": "26307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26307"
},
{
"name": "MDKSA-2007:158",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:158"
},
{
"name": "DSA-1350",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1350"
},
{
"name": "20070814 FLEA-2007-0045-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/476519/30/5400/threaded"
},
{
"name": "26468",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26468"
},
{
"name": "20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/476508/100/0/threaded"
},
{
"name": "26982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26982"
},
{
"name": "26254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26254"
},
{
"name": "26370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26370"
},
{
"name": "DSA-1348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1348"
},
{
"name": "26325",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26325"
},
{
"name": "26413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26413"
},
{
"name": "DSA-1352",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1352"
},
{
"name": "GLSA-200710-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml"
},
{
"name": "DSA-1354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1604"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=535497"
},
{
"name": "USN-496-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-496-2"
},
{
"name": "MDKSA-2007:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20070730-1.txt"
},
{
"name": "RHSA-2007:0731",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0731.html"
},
{
"name": "40127",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40127"
},
{
"name": "26862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26862"
},
{
"name": "GLSA-200805-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "26281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26281"
},
{
"name": "RHSA-2007:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0720.html"
},
{
"name": "GLSA-200709-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-12.xml"
},
{
"name": "25124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25124"
},
{
"name": "26514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26514"
},
{
"name": "26467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26467"
},
{
"name": "SSA:2007-316-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
},
{
"name": "26432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26432"
},
{
"name": "26410",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26410"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=187139"
},
{
"name": "26607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26607"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm"
},
{
"name": "30168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30168"
},
{
"name": "26358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26358"
},
{
"name": "26365",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26365"
},
{
"name": "26627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26627"
},
{
"name": "26293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26293"
},
{
"name": "26283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26283"
},
{
"name": "MDKSA-2007:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:159"
},
{
"name": "27308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27308"
},
{
"name": "MDKSA-2007:160",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:160"
},
{
"name": "DSA-1357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1357"
},
{
"name": "GLSA-200709-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-17.xml"
},
{
"name": "26403",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26403"
},
{
"name": "RHSA-2007:0732",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0732.html"
},
{
"name": "DSA-1349",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1349"
},
{
"name": "26251",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26251"
},
{
"name": "oval:org.mitre.oval:def:11149",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149"
},
{
"name": "26292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26292"
},
{
"name": "MDKSA-2007:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:161"
},
{
"name": "26342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26342"
},
{
"name": "26257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26257"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194"
},
{
"name": "26395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26395"
},
{
"name": "SSA:2007-222-05",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.423670"
},
{
"name": "MDKSA-2007:162",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:162"
},
{
"name": "GLSA-200711-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "1018473",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018473"
},
{
"name": "RHSA-2007:0729",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0729.html"
},
{
"name": "26188",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26188"
},
{
"name": "26278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26278"
},
{
"name": "26425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26425"
},
{
"name": "GLSA-200710-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-20.xml"
},
{
"name": "ADV-2007-2704",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch"
},
{
"name": "DSA-1347",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1347"
},
{
"name": "RHSA-2007:0735",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0735.html"
},
{
"name": "20070816 FLEA-2007-0046-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/476765/30/5340/threaded"
},
{
"name": "27281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27281"
},
{
"name": "20070801-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.foresightlinux.org/browse/FL-471"
},
{
"name": "26436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26436"
},
{
"name": "26343",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26343"
},
{
"name": "26407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26407"
},
{
"name": "26255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26255"
},
{
"name": "27156",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27156"
},
{
"name": "26318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26318"
},
{
"name": "26470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26470"
},
{
"name": "SUSE-SR:2007:015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"name": "26297",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26297"
},
{
"name": "26405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26405"
},
{
"name": "27637",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27637"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-3387",
"datePublished": "2007-07-30T23:00:00",
"dateReserved": "2007-06-25T00:00:00",
"dateUpdated": "2024-08-07T14:14:13.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2432 (GCVE-0-2010-2432)
Vulnerability from cvelistv5
Published
2010-06-22 20:24
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3518"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3518"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cups.org/str.php?L3518",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3518"
},
{
"name": "http://cups.org/articles.php?L596",
"refsource": "CONFIRM",
"url": "http://cups.org/articles.php?L596"
},
{
"name": "DSA-2176",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "ADV-2011-0535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "43521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43521"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2432",
"datePublished": "2010-06-22T20:24:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1181 (GCVE-0-2009-1181)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "oval:org.mitre.oval:def:9683",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "oval:org.mitre.oval:def:9683",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1181",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1372 (GCVE-0-2002-1372)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2025-01-16 17:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"name": "CLSA-2003:702",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"name": "DSA-232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"name": "SuSE-SA:2003:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"name": "RHSA-2002:295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"name": "MDKSA-2003:001",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"name": "6440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6440"
},
{
"name": "cups-file-descriptor-dos(10912)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2002-1372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-25T15:24:01.752587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T17:42:09.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-12-20T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"name": "CLSA-2003:702",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"name": "DSA-232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"name": "SuSE-SA:2003:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"name": "RHSA-2002:295",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"name": "MDKSA-2003:001",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"name": "6440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6440"
},
{
"name": "cups-file-descriptor-dos(10912)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"name": "CLSA-2003:702",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"name": "DSA-232",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"name": "SuSE-SA:2003:002",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"name": "http://www.idefense.com/advisory/12.19.02.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"name": "RHSA-2002:295",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"name": "20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"name": "MDKSA-2003:001",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"name": "6440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6440"
},
{
"name": "cups-file-descriptor-dos(10912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1372",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-12-16T00:00:00",
"dateUpdated": "2025-01-16T17:42:09.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3640 (GCVE-0-2008-3640)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 09:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "1021034",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021034"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32292"
},
{
"name": "20081009 Multiple Vendor CUPS texttops Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "cups-writeprolog-bo(45790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45790"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33085"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L2919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "oval:org.mitre.oval:def:10266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "1021034",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021034"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32292"
},
{
"name": "20081009 Multiple Vendor CUPS texttops Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "cups-writeprolog-bo(45790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45790"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33085"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L2919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "oval:org.mitre.oval:def:10266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32316"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "261088",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32331"
},
{
"name": "33111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33111"
},
{
"name": "1021034",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021034"
},
{
"name": "32292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32292"
},
{
"name": "20081009 Multiple Vendor CUPS texttops Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"name": "ADV-2009-1568",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "cups-writeprolog-bo(45790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45790"
},
{
"name": "FEDORA-2008-8801",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33085"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "31690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31690"
},
{
"name": "ADV-2008-3401",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "32226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "USN-656-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "http://www.cups.org/str.php?L2919",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L2919"
},
{
"name": "http://www.cups.org/articles.php?L575",
"refsource": "CONFIRM",
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "32084",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "oval:org.mitre.oval:def:10266",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266"
},
{
"name": "32316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32316"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3640",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-08-12T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0147 (GCVE-0-2009-0147)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9941",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9941",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1793",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
},
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=263028",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34991"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490614",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"name": "34959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9941",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941"
},
{
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0147",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0577 (GCVE-0-2009-0577)
Vulnerability from cvelistv5
Published
2009-02-20 19:00
Modified
2024-08-07 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3640.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cups-texttops-writeprolog-bo(48977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48977"
},
{
"name": "33995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33995"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486052"
},
{
"name": "oval:org.mitre.oval:def:9968",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968"
},
{
"name": "RHSA-2009:0308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0308.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3640."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "cups-texttops-writeprolog-bo(48977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48977"
},
{
"name": "33995",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33995"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486052"
},
{
"name": "oval:org.mitre.oval:def:9968",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968"
},
{
"name": "RHSA-2009:0308",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0308.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0577",
"datePublished": "2009-02-20T19:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5029 (GCVE-0-2014-5029)
Vulnerability from cvelistv5
Published
2014-07-29 14:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T17:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-5029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cups.org/str.php?L4455",
"refsource": "CONFIRM",
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0313.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-5029",
"datePublished": "2014-07-29T14:00:00",
"dateReserved": "2014-07-22T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5031 (GCVE-0-2014-5031)
Vulnerability from cvelistv5
Published
2014-07-29 14:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T17:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-5031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cups.org/str.php?L4455",
"refsource": "CONFIRM",
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0313.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-5031",
"datePublished": "2014-07-29T14:00:00",
"dateReserved": "2014-07-22T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1196 (GCVE-0-2009-1196)
Vulnerability from cvelistv5
Published
2009-06-09 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "ADV-2009-1488",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"name": "cups-directory-services-dos(50944)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50944"
},
{
"name": "1022327",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=497135"
},
{
"name": "35194",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35194"
},
{
"name": "oval:org.mitre.oval:def:11217",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a \"pointer use-after-delete flaw.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "ADV-2009-1488",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"name": "cups-directory-services-dos(50944)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50944"
},
{
"name": "1022327",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=497135"
},
{
"name": "35194",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35194"
},
{
"name": "oval:org.mitre.oval:def:11217",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1196",
"datePublished": "2009-06-09T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0791 (GCVE-0-2009-0791)
Vulnerability from cvelistv5
Published
2009-06-09 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.062Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022326",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022326"
},
{
"name": "oval:org.mitre.oval:def:10534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534"
},
{
"name": "35195",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35195"
},
{
"name": "37028",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37028"
},
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "RHSA-2009:1501",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"name": "37079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37079"
},
{
"name": "ADV-2009-1488",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"name": "RHSA-2009:1512",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
},
{
"name": "37077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37077"
},
{
"name": "RHSA-2009:1503",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"name": "cups-pdftops-filter-bo(50941)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50941"
},
{
"name": "37037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37037"
},
{
"name": "RHSA-2009:1502",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"name": "RHSA-2009:1500",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"name": "ADV-2009-2928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"name": "37023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37023"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "37043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37043"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"name": "MDVSA-2009:334",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1022326",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022326"
},
{
"name": "oval:org.mitre.oval:def:10534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534"
},
{
"name": "35195",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35195"
},
{
"name": "37028",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37028"
},
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "RHSA-2009:1501",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"name": "37079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37079"
},
{
"name": "ADV-2009-1488",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"name": "RHSA-2009:1512",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
},
{
"name": "37077",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37077"
},
{
"name": "RHSA-2009:1503",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"name": "cups-pdftops-filter-bo(50941)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50941"
},
{
"name": "37037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37037"
},
{
"name": "RHSA-2009:1502",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"name": "RHSA-2009:1500",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"name": "ADV-2009-2928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"name": "37023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37023"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "37043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37043"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"name": "MDVSA-2009:334",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0791",
"datePublished": "2009-06-09T17:00:00",
"dateReserved": "2009-03-04T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18248 (GCVE-0-2017-18248)
Vulnerability from cvelistv5
Published
2018-03-26 17:00
Modified
2024-08-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180526 [SECURITY] [DLA 1387-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/apple/cups/issues/5143"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"name": "USN-3713-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3713-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.cucumberlinux.com/security/details.php?id=346"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-12T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180526 [SECURITY] [DLA 1387-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/apple/cups/issues/5143"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"name": "USN-3713-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3713-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.cucumberlinux.com/security/details.php?id=346"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180526 [SECURITY] [DLA 1387-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html"
},
{
"name": "https://github.com/apple/cups/issues/5143",
"refsource": "CONFIRM",
"url": "https://github.com/apple/cups/issues/5143"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"name": "USN-3713-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3713-1/"
},
{
"name": "https://security.cucumberlinux.com/security/details.php?id=346",
"refsource": "MISC",
"url": "https://security.cucumberlinux.com/security/details.php?id=346"
},
{
"name": "https://github.com/apple/cups/releases/tag/v2.2.6",
"refsource": "CONFIRM",
"url": "https://github.com/apple/cups/releases/tag/v2.2.6"
},
{
"name": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3",
"refsource": "CONFIRM",
"url": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18248",
"datePublished": "2018-03-26T17:00:00",
"dateReserved": "2018-03-26T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0800 (GCVE-0-2009-0800)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:11323",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:11323",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0800",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-04T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5184 (GCVE-0-2008-5184)
Vulnerability from cvelistv5
Published
2008-11-21 02:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L2774"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-12-03T10:00:00",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L2774"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2008-5184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"name": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/",
"refsource": "MISC",
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"name": "http://www.cups.org/str.php?L2774",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L2774"
},
{
"name": "SUSE-SR:2008:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2008-5184",
"datePublished": "2008-11-21T02:00:00",
"dateReserved": "2008-11-20T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3170 (GCVE-0-2011-3170)
Vulnerability from cvelistv5
Published
2011-08-19 17:00
Modified
2024-08-06 23:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:22:27.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1207-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"name": "DSA-2354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"name": "46024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46024"
},
{
"name": "1025980",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025980"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "45796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45796"
},
{
"name": "cups-gifreadlzw-function-bo(69380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
},
{
"name": "MDVSA-2011:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"name": "49323",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3914"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-1207-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"name": "DSA-2354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"name": "46024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46024"
},
{
"name": "1025980",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025980"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "45796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45796"
},
{
"name": "cups-gifreadlzw-function-bo(69380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
},
{
"name": "MDVSA-2011:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"name": "49323",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3914"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-1207-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=727800",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"name": "DSA-2354",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"name": "46024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46024"
},
{
"name": "1025980",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025980"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2011:146",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"name": "45796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45796"
},
{
"name": "cups-gifreadlzw-function-bo(69380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
},
{
"name": "MDVSA-2011:147",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"name": "49323",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49323"
},
{
"name": "http://cups.org/str.php?L3914",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3914"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3170",
"datePublished": "2011-08-19T17:00:00",
"dateReserved": "2011-08-19T00:00:00",
"dateUpdated": "2024-08-06T23:22:27.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1374 (GCVE-0-2008-1374)
Vulnerability from cvelistv5
Published
2008-04-04 00:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2008:0206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"name": "31388",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31388"
},
{
"name": "20080806 rPSA-2008-0245-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495164/100/0/threaded"
},
{
"name": "29630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29630"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2390"
},
{
"name": "oval:org.mitre.oval:def:9636",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245"
},
{
"name": "cups-pdftops-bo(41758)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41758"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2008:0206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"name": "31388",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31388"
},
{
"name": "20080806 rPSA-2008-0245-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495164/100/0/threaded"
},
{
"name": "29630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29630"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2390"
},
{
"name": "oval:org.mitre.oval:def:9636",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245"
},
{
"name": "cups-pdftops-bo(41758)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41758"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-1374",
"datePublished": "2008-04-04T00:00:00",
"dateReserved": "2008-03-18T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2896 (GCVE-0-2011-2896)
Vulnerability from cvelistv5
Published
2011-08-19 17:00
Modified
2024-08-06 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2426",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"name": "FEDORA-2011-11318",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html"
},
{
"name": "GLSA-201209-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3867"
},
{
"name": "[oss-security] 20110810 LZW decompression issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"name": "USN-1207-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"name": "RHSA-2012:1180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1180.html"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "DSA-2354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"name": "45948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45948"
},
{
"name": "RHSA-2012:1181",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1181.html"
},
{
"name": "46024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46024"
},
{
"name": "45900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45900"
},
{
"name": "RHSA-2011:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1635.html"
},
{
"name": "FEDORA-2011-11221",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html"
},
{
"name": "FEDORA-2011-11173",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
},
{
"name": "49148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49148"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
},
{
"name": "FEDORA-2011-11305",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html"
},
{
"name": "USN-1214-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1214-1"
},
{
"name": "50737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
},
{
"name": "MDVSA-2011:167",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167"
},
{
"name": "FEDORA-2011-11197",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html"
},
{
"name": "FEDORA-2011-11229",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html"
},
{
"name": "48236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48236"
},
{
"name": "1025929",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025929"
},
{
"name": "45621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45621"
},
{
"name": "45945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-20T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-2426",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"name": "FEDORA-2011-11318",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html"
},
{
"name": "GLSA-201209-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3867"
},
{
"name": "[oss-security] 20110810 LZW decompression issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"name": "USN-1207-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"name": "RHSA-2012:1180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1180.html"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "DSA-2354",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"name": "45948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45948"
},
{
"name": "RHSA-2012:1181",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1181.html"
},
{
"name": "46024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46024"
},
{
"name": "45900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45900"
},
{
"name": "RHSA-2011:1635",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1635.html"
},
{
"name": "FEDORA-2011-11221",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html"
},
{
"name": "FEDORA-2011-11173",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
},
{
"name": "49148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49148"
},
{
"name": "MDVSA-2011:146",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
},
{
"name": "FEDORA-2011-11305",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html"
},
{
"name": "USN-1214-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1214-1"
},
{
"name": "50737",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
},
{
"name": "MDVSA-2011:167",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167"
},
{
"name": "FEDORA-2011-11197",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html"
},
{
"name": "FEDORA-2011-11229",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html"
},
{
"name": "48236",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48236"
},
{
"name": "1025929",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025929"
},
{
"name": "45621",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45621"
},
{
"name": "45945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45945"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2896",
"datePublished": "2011-08-19T17:00:00",
"dateReserved": "2011-07-27T00:00:00",
"dateUpdated": "2024-08-06T23:15:31.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1180 (GCVE-0-2009-1180)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "oval:org.mitre.oval:def:9926",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "oval:org.mitre.oval:def:9926",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1180",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0799 (GCVE-0-2009-0799)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10204",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
},
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "oval:org.mitre.oval:def:10204",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
},
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0799",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-04T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0163 (GCVE-0-2009-0163)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"name": "USN-760-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-760-1"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "RHSA-2009:0428",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0428.html"
},
{
"name": "34571",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34571"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "34747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34747"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:11546",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546"
},
{
"name": "1022070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022070"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L3031"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490596"
},
{
"name": "34722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34722"
},
{
"name": "DSA-1773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1773"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"name": "USN-760-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-760-1"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "RHSA-2009:0428",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0428.html"
},
{
"name": "34571",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34571"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "34747",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34747"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:11546",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546"
},
{
"name": "1022070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022070"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L3031"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490596"
},
{
"name": "34722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34722"
},
{
"name": "DSA-1773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1773"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200904-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "http://www.cups.org/articles.php?L582",
"refsource": "CONFIRM",
"url": "http://www.cups.org/articles.php?L582"
},
{
"name": "USN-760-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-760-1"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name": "RHSA-2009:0428",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0428.html"
},
{
"name": "34571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34571"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "34747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34747"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "oval:org.mitre.oval:def:11546",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546"
},
{
"name": "1022070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022070"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
},
{
"name": "http://www.cups.org/str.php?L3031",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L3031"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490596",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490596"
},
{
"name": "34722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34722"
},
{
"name": "DSA-1773",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1773"
},
{
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0163",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:17.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2431 (GCVE-0-2010-2431)
Vulnerability from cvelistv5
Published
2010-06-22 20:24
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:16.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "RHSA-2010:0811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "ADV-2010-2856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605397"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-09T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "RHSA-2010:0811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "ADV-2010-2856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605397"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:234",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "RHSA-2010:0811",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"name": "http://cups.org/articles.php?L596",
"refsource": "CONFIRM",
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "ADV-2010-2856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"name": "DSA-2176",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=605397",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605397"
},
{
"name": "43521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43521"
},
{
"name": "http://cups.org/str.php?L3510",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2431",
"datePublished": "2010-06-22T20:24:00",
"dateReserved": "2010-06-22T00:00:00",
"dateUpdated": "2024-08-07T02:32:16.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3702 (GCVE-0-2010-3702)
Vulnerability from cvelistv5
Published
2010-11-05 17:00
Modified
2024-08-07 03:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:52.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-16662",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "FEDORA-2010-15857",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf"
},
{
"name": "RHSA-2010:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "42357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42357"
},
{
"name": "MDVSA-2010:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "ADV-2011-0230",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "RHSA-2010:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "MDVSA-2010:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "SUSE-SR:2010:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "43845",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/43845"
},
{
"name": "MDVSA-2010:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "FEDORA-2010-16705",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "SSA:2010-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "RHSA-2010:0751",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "42397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42397"
},
{
"name": "42141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42141"
},
{
"name": "FEDORA-2010-15911",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2010-3097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "USN-1005-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "RHSA-2010:0749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "RHSA-2010:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html"
},
{
"name": "FEDORA-2010-15981",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "FEDORA-2010-16744",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"name": "ADV-2010-2897",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "42691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42691"
},
{
"name": "DSA-2119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "MDVSA-2010:229",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "DSA-2135",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "RHSA-2010:0750",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html"
},
{
"name": "RHSA-2010:0755",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
},
{
"name": "RHSA-2010:0753",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "43079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-11T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-16662",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "FEDORA-2010-15857",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf"
},
{
"name": "RHSA-2010:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "42357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42357"
},
{
"name": "MDVSA-2010:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "ADV-2011-0230",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "RHSA-2010:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "MDVSA-2010:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "SUSE-SR:2010:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "43845",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/43845"
},
{
"name": "MDVSA-2010:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "FEDORA-2010-16705",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "SSA:2010-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "RHSA-2010:0751",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "42397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42397"
},
{
"name": "42141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42141"
},
{
"name": "FEDORA-2010-15911",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2010-3097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "USN-1005-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "RHSA-2010:0749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "RHSA-2010:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html"
},
{
"name": "FEDORA-2010-15981",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "FEDORA-2010-16744",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"name": "ADV-2010-2897",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "42691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42691"
},
{
"name": "DSA-2119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "MDVSA-2010:229",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "DSA-2135",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "RHSA-2010:0750",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html"
},
{
"name": "RHSA-2010:0755",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
},
{
"name": "RHSA-2010:0753",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "43079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43079"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3702",
"datePublished": "2010-11-05T17:00:00",
"dateReserved": "2010-10-01T00:00:00",
"dateUpdated": "2024-08-07T03:18:52.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2941 (GCVE-0-2010-2941)
Vulnerability from cvelistv5
Published
2010-11-05 16:28
Modified
2024-08-07 02:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:45.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-3042",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3042"
},
{
"name": "RHSA-2010:0811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"name": "RHSA-2010:0866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0866.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "FEDORA-2010-17615",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "ADV-2010-2856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "1024662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024662"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "42867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42867"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0061",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name": "FEDORA-2010-17641",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "USN-1012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1012-1"
},
{
"name": "FEDORA-2010-17627",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html"
},
{
"name": "MDVSA-2010:233",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233"
},
{
"name": "42287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42287"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624438"
},
{
"name": "cups-cupsd-code-execution(62882)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62882"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "SSA:2010-333-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.468323"
},
{
"name": "68951",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/68951"
},
{
"name": "44530",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44530"
},
{
"name": "ADV-2010-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-3042",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3042"
},
{
"name": "RHSA-2010:0811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"name": "RHSA-2010:0866",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0866.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "FEDORA-2010-17615",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "ADV-2010-2856",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "1024662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024662"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "42867",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42867"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0061",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name": "FEDORA-2010-17641",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "USN-1012-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1012-1"
},
{
"name": "FEDORA-2010-17627",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html"
},
{
"name": "MDVSA-2010:233",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233"
},
{
"name": "42287",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42287"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624438"
},
{
"name": "cups-cupsd-code-execution(62882)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62882"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "SSA:2010-333-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.468323"
},
{
"name": "68951",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/68951"
},
{
"name": "44530",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44530"
},
{
"name": "ADV-2010-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3088"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2941",
"datePublished": "2010-11-05T16:28:00",
"dateReserved": "2010-08-04T00:00:00",
"dateUpdated": "2024-08-07T02:55:45.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5183 (GCVE-0-2008-5183)
Vulnerability from cvelistv5
Published
2008-11-21 02:00
Modified
2024-08-07 10:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7150",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7150"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "oval:org.mitre.oval:def:10586",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586"
},
{
"name": "[oss-security] 20081120 Re: CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/1"
},
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"name": "[oss-security] 20081119 Re: CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "1021396",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021396"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "ADV-2009-0422",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0422"
},
{
"name": "32419",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32419"
},
{
"name": "RHSA-2008:1029",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lab.gnucitizen.org/projects/cups-0day"
},
{
"name": "cups-rss-dos(46684)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "7150",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7150"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "oval:org.mitre.oval:def:10586",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586"
},
{
"name": "[oss-security] 20081120 Re: CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/1"
},
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"name": "[oss-security] 20081119 Re: CVE request: CUPS DoS via RSS subscriptions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "1021396",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021396"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "ADV-2009-0422",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0422"
},
{
"name": "32419",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32419"
},
{
"name": "RHSA-2008:1029",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lab.gnucitizen.org/projects/cups-0day"
},
{
"name": "cups-rss-dos(46684)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684"
},
{
"name": "SUSE-SR:2008:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2008-5183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7150",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7150"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "oval:org.mitre.oval:def:10586",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586"
},
{
"name": "[oss-security] 20081120 Re: CVE request: CUPS DoS via RSS subscriptions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/1"
},
{
"name": "[oss-security] 20081119 CVE request: CUPS DoS via RSS subscriptions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"name": "[oss-security] 20081119 Re: CVE request: CUPS DoS via RSS subscriptions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/4"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "DSA-2176",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "1021396",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021396"
},
{
"name": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/",
"refsource": "MISC",
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"name": "ADV-2011-0535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "ADV-2009-0422",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0422"
},
{
"name": "32419",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32419"
},
{
"name": "RHSA-2008:1029",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html"
},
{
"name": "43521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43521"
},
{
"name": "http://lab.gnucitizen.org/projects/cups-0day",
"refsource": "MISC",
"url": "http://lab.gnucitizen.org/projects/cups-0day"
},
{
"name": "cups-rss-dos(46684)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684"
},
{
"name": "SUSE-SR:2008:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"name": "MDVSA-2009:028",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2008-5183",
"datePublished": "2008-11-21T02:00:00",
"dateReserved": "2008-11-20T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2856 (GCVE-0-2014-2856)
Vulnerability from cvelistv5
Published
2014-04-18 14:00
Modified
2024-08-06 10:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57880",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57880"
},
{
"name": "66788",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66788"
},
{
"name": "USN-2172-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"name": "[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L4356"
},
{
"name": "[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "57880",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57880"
},
{
"name": "66788",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66788"
},
{
"name": "USN-2172-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"name": "[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L4356"
},
{
"name": "[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57880",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57880"
},
{
"name": "66788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66788"
},
{
"name": "USN-2172-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"name": "[oss-security] 20140414 CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"name": "RHSA-2014:1388",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0193.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"name": "http://www.cups.org/documentation.php/relnotes.html",
"refsource": "CONFIRM",
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"name": "http://www.cups.org/str.php?L4356",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L4356"
},
{
"name": "[oss-security] 20140415 Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2856",
"datePublished": "2014-04-18T14:00:00",
"dateReserved": "2014-04-15T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0542 (GCVE-0-2010-0542)
Vulnerability from cvelistv5
Published
2010-06-21 16:00
Modified
2024-08-07 00:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=587746"
},
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "40943",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/strfiles/3516/str3516.patch"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3516"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "oval:org.mitre.oval:def:10365",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365"
},
{
"name": "1024121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=587746"
},
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "40943",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/strfiles/3516/str3516.patch"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3516"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "oval:org.mitre.oval:def:10365",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365"
},
{
"name": "1024121",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-0542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=587746",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=587746"
},
{
"name": "MDVSA-2010:234",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "40943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40943"
},
{
"name": "http://cups.org/articles.php?L596",
"refsource": "CONFIRM",
"url": "http://cups.org/articles.php?L596"
},
{
"name": "MDVSA-2010:232",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "http://cups.org/strfiles/3516/str3516.patch",
"refsource": "CONFIRM",
"url": "http://cups.org/strfiles/3516/str3516.patch"
},
{
"name": "ADV-2011-0535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "http://cups.org/str.php?L3516",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3516"
},
{
"name": "43521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43521"
},
{
"name": "oval:org.mitre.oval:def:10365",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365"
},
{
"name": "1024121",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-0542",
"datePublished": "2010-06-21T16:00:00",
"dateReserved": "2010-02-03T00:00:00",
"dateUpdated": "2024-08-07T00:52:19.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0195 (GCVE-0-2009-0195)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "20090417 Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "oval:org.mitre.oval:def:10076",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "20090417 Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"name": "34791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "20090417 Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "oval:org.mitre.oval:def:10076",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "20090417 Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"name": "34791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2009-18/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name": "20090417 Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "oval:org.mitre.oval:def:10076",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
},
{
"name": "20090417 Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2009-17/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"name": "34791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-0195",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0146 (GCVE-0-2009-0146)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:17.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "oval:org.mitre.oval:def:9632",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "oval:org.mitre.oval:def:9632",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1793",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "oval:org.mitre.oval:def:9632",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632"
},
{
"name": "GLSA-200904-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
},
{
"name": "http://support.apple.com/kb/HT3639",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=263028",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "RHSA-2009:0430",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490612",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34991"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0059",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"name": "MDVSA-2009:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34755"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "20090417 rPSA-2009-0059-1 poppler",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34959"
},
{
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0146",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:17.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0166 (GCVE-0-2009-0166)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9778",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9778",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1793",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "GLSA-200904-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "34963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "RHSA-2009:0430",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"name": "34568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "ADV-2010-1040",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34991"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490625",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
},
{
"name": "MDVSA-2009:101",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "34756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34959"
},
{
"name": "oval:org.mitre.oval:def:9778",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
},
{
"name": "RHSA-2009:0429",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0166",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3641 (GCVE-0-2008-3641)
Vulnerability from cvelistv5
Published
2008-10-10 10:00
Modified
2024-08-07 09:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "cups-hpgl-code-execution(45779)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "oval:org.mitre.oval:def:9666",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32292"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-067"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33085"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33568"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "31688",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31688"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L2911"
},
{
"name": "1021031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021031"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32316"
},
{
"name": "20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "261088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32331"
},
{
"name": "31681",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "cups-hpgl-code-execution(45779)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "oval:org.mitre.oval:def:9666",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666"
},
{
"name": "32292",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32292"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-067"
},
{
"name": "ADV-2009-1568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33085"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33568"
},
{
"name": "ADV-2008-3401",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "31688",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31688"
},
{
"name": "32222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32222"
},
{
"name": "32226",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L2911"
},
{
"name": "1021031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021031"
},
{
"name": "USN-656-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "ADV-2008-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "APPLE-SA-2008-10-09",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "32084",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32316"
},
{
"name": "20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "261088",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"name": "32284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32284"
},
{
"name": "MDVSA-2008:211",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"name": "ADV-2008-2782",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"name": "GLSA-200812-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "32331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32331"
},
{
"name": "31681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31681"
},
{
"name": "cups-hpgl-code-execution(45779)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"name": "33111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33111"
},
{
"name": "oval:org.mitre.oval:def:9666",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666"
},
{
"name": "32292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32292"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-067",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-067"
},
{
"name": "ADV-2009-1568",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"name": "FEDORA-2008-8844",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"name": "FEDORA-2008-8801",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"name": "SUSE-SR:2008:021",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"name": "33085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33085"
},
{
"name": "SUSE-SR:2009:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"name": "33568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33568"
},
{
"name": "ADV-2008-3401",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"name": "31688",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31688"
},
{
"name": "32222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32222"
},
{
"name": "32226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32226"
},
{
"name": "DSA-1656",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"name": "http://www.cups.org/str.php?L2911",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L2911"
},
{
"name": "1021031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021031"
},
{
"name": "USN-656-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"name": "ADV-2008-2780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"name": "http://www.cups.org/articles.php?L575",
"refsource": "CONFIRM",
"url": "http://www.cups.org/articles.php?L575"
},
{
"name": "APPLE-SA-2008-10-09",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT3216",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3216"
},
{
"name": "32084",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32084"
},
{
"name": "RHSA-2008:0937",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"name": "32316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32316"
},
{
"name": "20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3641",
"datePublished": "2008-10-10T10:00:00",
"dateReserved": "2008-08-12T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-4300 (GCVE-0-2018-4300)
Vulnerability from cvelistv5
Published
2019-04-03 17:54
Modified
2024-08-05 05:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A maliciously crafted web site or local HTML file might be able to collect sanitized job and printer status information without the knowledge of the user
Summary
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:11:22.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.10"
},
{
"name": "107785",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107785"
},
{
"name": "[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CUPS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions prior to: v2.2.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A maliciously crafted web site or local HTML file might be able to collect sanitized job and printer status information without the knowledge of the user",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-28T11:06:05",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.10"
},
{
"name": "107785",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107785"
},
{
"name": "[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2018-4300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CUPS",
"version": {
"version_data": [
{
"version_value": "Versions prior to: v2.2.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A maliciously crafted web site or local HTML file might be able to collect sanitized job and printer status information without the knowledge of the user"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/apple/cups/releases/tag/v2.2.10",
"refsource": "MISC",
"url": "https://github.com/apple/cups/releases/tag/v2.2.10"
},
{
"name": "107785",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107785"
},
{
"name": "[debian-lts-announce] 20190928 [SECURITY] [DLA 1936-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2018-4300",
"datePublished": "2019-04-03T17:54:23",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:11:22.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2154 (GCVE-0-2004-2154)
Vulnerability from cvelistv5
Published
2005-07-05 04:00
Modified
2024-08-08 01:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apple:cups:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cups",
"vendor": "apple",
"versions": [
{
"lessThan": "1.1.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ubuntu_linux",
"vendor": "canonical",
"versions": [
{
"status": "affected",
"version": "4.10"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2004-2154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:59:33.852643Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-178",
"description": "CWE-178 Improper Handling of Case Sensitivity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T15:10:00.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L700"
},
{
"name": "RHSA-2005:571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-571.html"
},
{
"name": "FLSA:163274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274"
},
{
"name": "USN-185-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-185-1"
},
{
"name": "oval:org.mitre.oval:def:9940",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SR:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L700"
},
{
"name": "RHSA-2005:571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-571.html"
},
{
"name": "FLSA:163274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274"
},
{
"name": "USN-185-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-185-1"
},
{
"name": "oval:org.mitre.oval:def:9940",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2004-2154",
"datePublished": "2005-07-05T04:00:00",
"dateReserved": "2005-07-05T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5030 (GCVE-0-2014-5030)
Vulnerability from cvelistv5
Published
2014-07-29 14:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T17:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-5030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cups.org/str.php?L4455",
"refsource": "CONFIRM",
"url": "https://cups.org/str.php?L4455"
},
{
"name": "USN-2341-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"name": "[oss-security] 20140722 Re: CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"name": "RHSA-2014:1388",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "60787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60787"
},
{
"name": "DSA-2990",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"name": "[oss-security] 20140722 CVE Request: cups: Incomplete fix for CVE-2014-3537",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0313.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "60509",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60509"
},
{
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-5030",
"datePublished": "2014-07-29T14:00:00",
"dateReserved": "2014-07-22T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6094 (GCVE-0-2012-6094)
Vulnerability from cvelistv5
Published
2019-12-20 14:07
Modified
2024-08-06 21:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- 'Listen localhost:631' option not honoured correctly on IPv6-enabled systems when systemd used for CUPS socket activation
Summary
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57158"
},
{
"name": "Red Hat",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-6094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cups",
"vendor": "cups",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.7.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cups (Common Unix Printing System) \u0027Listen localhost:631\u0027 option not honored correctly which could provide unauthorized access to the system"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "\u0027Listen localhost:631\u0027 option not honoured correctly on IPv6-enabled systems when systemd used for CUPS socket activation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-20T14:07:15",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/57158"
},
{
"name": "Red Hat",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/cve-2012-6094"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-6094",
"datePublished": "2019-12-20T14:07:15",
"dateReserved": "2012-12-06T00:00:00",
"dateUpdated": "2024-08-06T21:21:28.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1182 (GCVE-0-2009-1182)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "oval:org.mitre.oval:def:10735",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "oval:org.mitre.oval:def:10735",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1182",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3537 (GCVE-0-2014-3537)
Vulnerability from cvelistv5
Published
2014-07-23 14:00
Modified
2024-08-06 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:16.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2014-8351",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html"
},
{
"name": "60273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60273"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/blog.php?L724"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "USN-2293-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2293-1"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "68788",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68788"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60787"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L4450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576"
},
{
"name": "59945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59945"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "1030611",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030611"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2014-8351",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html"
},
{
"name": "60273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60273"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/blog.php?L724"
},
{
"name": "RHSA-2014:1388",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"name": "USN-2293-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2293-1"
},
{
"name": "APPLE-SA-2014-10-16-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"name": "68788",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68788"
},
{
"name": "60787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60787"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L4450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576"
},
{
"name": "59945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59945"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6535"
},
{
"name": "1030611",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030611"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3537",
"datePublished": "2014-07-23T14:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:16.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18190 (GCVE-0-2017-18190)
Vulnerability from cvelistv5
Published
2018-02-16 17:00
Modified
2024-08-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3577-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3577-1/"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41"
},
{
"name": "[debian-lts-announce] 20180222 [SECURITY] [DLA 1288-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-04T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3577-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3577-1/"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41"
},
{
"name": "[debian-lts-announce] 20180222 [SECURITY] [DLA 1288-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3577-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3577-1/"
},
{
"name": "[debian-lts-announce] 20180703 [SECURITY] [DLA 1412-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"name": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41",
"refsource": "MISC",
"url": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41"
},
{
"name": "[debian-lts-announce] 20180222 [SECURITY] [DLA 1288-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18190",
"datePublished": "2018-02-16T17:00:00",
"dateReserved": "2018-02-16T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1183 (GCVE-0-2009-1183)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "oval:org.mitre.oval:def:10769",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "1022072",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022072"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "oval:org.mitre.oval:def:10769",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1183",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1179 (GCVE-0-2009-1179)
Vulnerability from cvelistv5
Published
2009-04-23 17:00
Modified
2024-08-07 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34959"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022073"
},
{
"name": "oval:org.mitre.oval:def:11892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1793",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"name": "34963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3639"
},
{
"name": "DSA-1790",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"name": "35037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35037"
},
{
"name": "ADV-2009-1077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"name": "ADV-2009-1621",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"name": "35064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35064"
},
{
"name": "ADV-2009-1066",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"name": "34481",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34481"
},
{
"name": "SSA:2009-129-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"name": "APPLE-SA-2009-06-08-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"name": "RHSA-2009:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"name": "ADV-2009-1065",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"name": "RHSA-2009:0430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"name": "ADV-2009-1522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"name": "FEDORA-2009-6972",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"name": "35618",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35618"
},
{
"name": "APPLE-SA-2009-06-17-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"name": "35065",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
},
{
"name": "RHSA-2009:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"name": "34568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"name": "MDVSA-2011:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"name": "VU#196617",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"name": "ADV-2010-1040",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"name": "SUSE-SA:2009:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"name": "RHSA-2009:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"name": "FEDORA-2009-6982",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"name": "34991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34991"
},
{
"name": "35379",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35379"
},
{
"name": "MDVSA-2009:101",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"name": "MDVSA-2010:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"name": "SUSE-SR:2009:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "ADV-2009-1076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"name": "34756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34756"
},
{
"name": "34291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34291"
},
{
"name": "34755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34755"
},
{
"name": "34852",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34852"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "FEDORA-2009-6973",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"name": "34959",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34959"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3613"
},
{
"name": "34746",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34746"
},
{
"name": "RHSA-2009:0429",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"name": "1022073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022073"
},
{
"name": "oval:org.mitre.oval:def:11892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-1179",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0053 (GCVE-0-2008-0053)
Vulnerability from cvelistv5
Published
2008-03-18 23:00
Modified
2024-08-07 07:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:24.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2008:0206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"name": "31324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31324"
},
{
"name": "28304",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28304"
},
{
"name": "29659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29659"
},
{
"name": "29573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29573"
},
{
"name": "TA08-079A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "USN-598-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-598-1"
},
{
"name": "SUSE-SA:2008:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html"
},
{
"name": "MDVSA-2008:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:081"
},
{
"name": "oval:org.mitre.oval:def:10356",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "29630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29630"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "29750",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29750"
},
{
"name": "FEDORA-2008-2897",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html"
},
{
"name": "29634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29634"
},
{
"name": "29655",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29655"
},
{
"name": "DSA-1625",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1625"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "1019672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019672"
},
{
"name": "28334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28334"
},
{
"name": "macos-cups-inputvalidation-unspecified(41272)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41272"
},
{
"name": "RHSA-2008:0192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0192.html"
},
{
"name": "GLSA-200804-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-01.xml"
},
{
"name": "29603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29603"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2008:0206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"name": "31324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31324"
},
{
"name": "28304",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28304"
},
{
"name": "29659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29659"
},
{
"name": "29573",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29573"
},
{
"name": "TA08-079A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "USN-598-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-598-1"
},
{
"name": "SUSE-SA:2008:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html"
},
{
"name": "MDVSA-2008:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:081"
},
{
"name": "oval:org.mitre.oval:def:10356",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "29630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29630"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "29750",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29750"
},
{
"name": "FEDORA-2008-2897",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html"
},
{
"name": "29634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29634"
},
{
"name": "29655",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29655"
},
{
"name": "DSA-1625",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1625"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "1019672",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019672"
},
{
"name": "28334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28334"
},
{
"name": "macos-cups-inputvalidation-unspecified(41272)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41272"
},
{
"name": "RHSA-2008:0192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0192.html"
},
{
"name": "GLSA-200804-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-01.xml"
},
{
"name": "29603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29603"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2008:0206",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"name": "31324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31324"
},
{
"name": "28304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28304"
},
{
"name": "29659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29659"
},
{
"name": "29573",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29573"
},
{
"name": "TA08-079A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "USN-598-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-598-1"
},
{
"name": "SUSE-SA:2008:020",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html"
},
{
"name": "MDVSA-2008:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:081"
},
{
"name": "oval:org.mitre.oval:def:10356",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "29630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29630"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "29750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29750"
},
{
"name": "FEDORA-2008-2897",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html"
},
{
"name": "29634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29634"
},
{
"name": "29655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29655"
},
{
"name": "DSA-1625",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1625"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "1019672",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019672"
},
{
"name": "28334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28334"
},
{
"name": "macos-cups-inputvalidation-unspecified(41272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41272"
},
{
"name": "RHSA-2008:0192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0192.html"
},
{
"name": "GLSA-200804-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-01.xml"
},
{
"name": "29603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29603"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0053",
"datePublished": "2008-03-18T23:00:00",
"dateReserved": "2008-01-03T00:00:00",
"dateUpdated": "2024-08-07T07:32:24.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6891 (GCVE-0-2013-6891)
Vulnerability from cvelistv5
Published
2014-01-26 01:00
Modified
2024-08-06 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:45.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/blog.php?L704"
},
{
"name": "USN-2082-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2082-1"
},
{
"name": "MDVSA-2014:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:015"
},
{
"name": "56531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56531"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L4319"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-20T16:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/blog.php?L704"
},
{
"name": "USN-2082-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2082-1"
},
{
"name": "MDVSA-2014:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:015"
},
{
"name": "56531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56531"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L4319"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://advisories.mageia.org/MGASA-2014-0021.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0021.html"
},
{
"name": "http://www.cups.org/blog.php?L704",
"refsource": "CONFIRM",
"url": "http://www.cups.org/blog.php?L704"
},
{
"name": "USN-2082-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2082-1"
},
{
"name": "MDVSA-2014:015",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:015"
},
{
"name": "56531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56531"
},
{
"name": "http://www.cups.org/str.php?L4319",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L4319"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6891",
"datePublished": "2014-01-26T01:00:00",
"dateReserved": "2013-11-28T00:00:00",
"dateUpdated": "2024-08-06T17:53:45.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3553 (GCVE-0-2009-3553)
Vulnerability from cvelistv5
Published
2009-11-20 02:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37364"
},
{
"name": "oval:org.mitre.oval:def:11183",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"name": "RHSA-2009:1595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1595.html"
},
{
"name": "37048",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37048"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs"
},
{
"name": "APPLE-SA-2010-01-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "37360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37360"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L3200"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530111"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs"
},
{
"name": "FEDORA-2009-12652",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "38241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38241"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs"
},
{
"name": "275230",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1"
},
{
"name": "ADV-2010-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "37364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37364"
},
{
"name": "oval:org.mitre.oval:def:11183",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"name": "RHSA-2009:1595",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1595.html"
},
{
"name": "37048",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37048"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs"
},
{
"name": "APPLE-SA-2010-01-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "37360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37360"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cups.org/str.php?L3200"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530111"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs"
},
{
"name": "FEDORA-2009-12652",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
},
{
"name": "38241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38241"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs"
},
{
"name": "275230",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1"
},
{
"name": "ADV-2010-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-3553",
"datePublished": "2009-11-20T02:00:00",
"dateReserved": "2009-10-05T00:00:00",
"dateUpdated": "2024-08-07T06:31:10.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1748 (GCVE-0-2010-1748)
Vulnerability from cvelistv5
Published
2010-06-17 16:00
Modified
2024-08-07 01:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2010-06-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "ADV-2010-1481",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "40871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40871"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "40220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3577"
},
{
"name": "oval:org.mitre.oval:def:9723",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43521"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect\u0026URL=% and (2) /admin?URL=/admin/\u0026OP=% URIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"name": "APPLE-SA-2010-06-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"name": "MDVSA-2010:234",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "ADV-2010-1481",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "40871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40871"
},
{
"name": "MDVSA-2010:232",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "40220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3577"
},
{
"name": "oval:org.mitre.oval:def:9723",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723"
},
{
"name": "43521",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43521"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect\u0026URL=% and (2) /admin?URL=/admin/\u0026OP=% URIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2010-06-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"name": "MDVSA-2010:234",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"name": "ADV-2010-1481",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"name": "http://cups.org/articles.php?L596",
"refsource": "CONFIRM",
"url": "http://cups.org/articles.php?L596"
},
{
"name": "40871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40871"
},
{
"name": "MDVSA-2010:232",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"name": "SUSE-SR:2010:023",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"name": "DSA-2176",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"name": "http://support.apple.com/kb/HT4188",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "ADV-2011-0535",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"name": "40220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40220"
},
{
"name": "http://cups.org/str.php?L3577",
"refsource": "CONFIRM",
"url": "http://cups.org/str.php?L3577"
},
{
"name": "oval:org.mitre.oval:def:9723",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723"
},
{
"name": "43521",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43521"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2010-1748",
"datePublished": "2010-06-17T16:00:00",
"dateReserved": "2010-05-06T00:00:00",
"dateUpdated": "2024-08-07T01:35:53.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5519 (GCVE-0-2012-5519)
Vulnerability from cvelistv5
Published
2012-11-20 00:00
Modified
2024-08-06 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20121111 Re: Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/5"
},
{
"name": "USN-1654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1654-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5784"
},
{
"name": "APPLE-SA-2013-06-04-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
},
{
"name": "SUSE-SU-2015:1044",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html"
},
{
"name": "cups-systemgroup-priv-esc(80012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
},
{
"name": "[oss-security] 20121111 Re: Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791"
},
{
"name": "RHSA-2013:0580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0580.html"
},
{
"name": "SUSE-SU-2015:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html"
},
{
"name": "[oss-security] 20121110 Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/5"
},
{
"name": "56494",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56494"
},
{
"name": "openSUSE-SU-2015:1056",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20121111 Re: Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/5"
},
{
"name": "USN-1654-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1654-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5784"
},
{
"name": "APPLE-SA-2013-06-04-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
},
{
"name": "SUSE-SU-2015:1044",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html"
},
{
"name": "cups-systemgroup-priv-esc(80012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
},
{
"name": "[oss-security] 20121111 Re: Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791"
},
{
"name": "RHSA-2013:0580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0580.html"
},
{
"name": "SUSE-SU-2015:1041",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html"
},
{
"name": "[oss-security] 20121110 Privilege escalation (lpadmin -\u003e root) in cups",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/5"
},
{
"name": "56494",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56494"
},
{
"name": "openSUSE-SU-2015:1056",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5519",
"datePublished": "2012-11-20T00:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0302 (GCVE-0-2010-0302)
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2010-06-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=557775"
},
{
"name": "oval:org.mitre.oval:def:11216",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216"
},
{
"name": "ADV-2010-1481",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "1024124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024124"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "FEDORA-2010-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html"
},
{
"name": "40220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40220"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cups.org/str.php?L3490"
},
{
"name": "38510",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38510"
},
{
"name": "38785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38785"
},
{
"name": "RHSA-2010:0129",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0129.html"
},
{
"name": "38979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38979"
},
{
"name": "38927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "APPLE-SA-2010-06-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=557775"
},
{
"name": "oval:org.mitre.oval:def:11216",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216"
},
{
"name": "ADV-2010-1481",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/articles.php?L596"
},
{
"name": "1024124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024124"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "FEDORA-2010-2743",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html"
},
{
"name": "40220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40220"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cups.org/str.php?L3490"
},
{
"name": "38510",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38510"
},
{
"name": "38785",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38785"
},
{
"name": "RHSA-2010:0129",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0129.html"
},
{
"name": "38979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38979"
},
{
"name": "38927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38927"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0302",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2010-01-12T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0032 (GCVE-0-2009-0032)
Vulnerability from cvelistv5
Published
2009-01-27 20:00
Modified
2024-08-07 04:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1021637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021637"
},
{
"name": "MDVSA-2009:027",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
},
{
"name": "cups-pdflog-symlink(48210)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
},
{
"name": "MDVSA-2009:029",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"name": "33418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33418"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1021637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021637"
},
{
"name": "MDVSA-2009:027",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
},
{
"name": "cups-pdflog-symlink(48210)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
},
{
"name": "MDVSA-2009:029",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"name": "33418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33418"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0032",
"datePublished": "2009-01-27T20:00:00",
"dateReserved": "2008-12-15T00:00:00",
"dateUpdated": "2024-08-07T04:17:10.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0393 (GCVE-0-2010-0393)
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L3482"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"name": "38524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38524"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "MDVSA-2010:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:072"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=558460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-01T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cups.org/str.php?L3482"
},
{
"name": "USN-906-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"name": "38524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38524"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "MDVSA-2010:072",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:072"
},
{
"name": "GLSA-201207-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2010:073",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=558460"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cups.org/str.php?L3482",
"refsource": "MISC",
"url": "http://www.cups.org/str.php?L3482"
},
{
"name": "USN-906-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"name": "38524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38524"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "MDVSA-2010:072",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:072"
},
{
"name": "GLSA-201207-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"name": "MDVSA-2010:073",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=558460",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=558460"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0393",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2010-01-27T00:00:00",
"dateUpdated": "2024-08-07T00:45:12.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4045 (GCVE-0-2007-4045)
Vulnerability from cvelistv5
Published
2007-07-27 22:00
Modified
2024-08-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27577"
},
{
"name": "28113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28113"
},
{
"name": "SUSE-SR:2007:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "FEDORA-2007-3100",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199195"
},
{
"name": "GLSA-200712-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
},
{
"name": "RHSA-2007:1022",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
},
{
"name": "26524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26524"
},
{
"name": "27615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250161"
},
{
"name": "RHSA-2007:1023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
},
{
"name": "MDVSA-2008:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
},
{
"name": "oval:org.mitre.oval:def:9303",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27577"
},
{
"name": "28113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28113"
},
{
"name": "SUSE-SR:2007:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "FEDORA-2007-3100",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199195"
},
{
"name": "GLSA-200712-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
},
{
"name": "RHSA-2007:1022",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
},
{
"name": "26524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26524"
},
{
"name": "27615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250161"
},
{
"name": "RHSA-2007:1023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
},
{
"name": "MDVSA-2008:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
},
{
"name": "oval:org.mitre.oval:def:9303",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27577"
},
{
"name": "28113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28113"
},
{
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name": "FEDORA-2007-3100",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=199195",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199195"
},
{
"name": "GLSA-200712-14",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
},
{
"name": "RHSA-2007:1022",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
},
{
"name": "26524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26524"
},
{
"name": "27615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27615"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=250161",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250161"
},
{
"name": "RHSA-2007:1023",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
},
{
"name": "MDVSA-2008:036",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
},
{
"name": "oval:org.mitre.oval:def:9303",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4045",
"datePublished": "2007-07-27T22:00:00",
"dateReserved": "2007-07-27T00:00:00",
"dateUpdated": "2024-08-07T14:37:06.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9679 (GCVE-0-2014-9679)
Vulnerability from cvelistv5
Published
2015-02-19 15:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1123",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cups.org/str.php?L4551"
},
{
"name": "[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"name": "USN-2520-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2015:0381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"name": "MDVSA-2015:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"name": "GLSA-201607-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"name": "FEDORA-2015-2127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"name": "1031776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031776"
},
{
"name": "FEDORA-2015-2152",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"name": "DSA-3172",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"name": "[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"name": "72594",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72594"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2015:1123",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cups.org/str.php?L4551"
},
{
"name": "[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"name": "USN-2520-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2015:0381",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"name": "MDVSA-2015:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"name": "GLSA-201607-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"name": "FEDORA-2015-2127",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"name": "1031776",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031776"
},
{
"name": "FEDORA-2015-2152",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"name": "DSA-3172",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"name": "[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"name": "MDVSA-2015:108",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"name": "72594",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72594"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1123",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"name": "https://www.cups.org/str.php?L4551",
"refsource": "CONFIRM",
"url": "https://www.cups.org/str.php?L4551"
},
{
"name": "[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"name": "USN-2520-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2015:0381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"name": "MDVSA-2015:049",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"name": "GLSA-201607-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"name": "FEDORA-2015-2127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"name": "1031776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031776"
},
{
"name": "FEDORA-2015-2152",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"name": "DSA-3172",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0067.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"name": "[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"name": "72594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72594"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9679",
"datePublished": "2015-02-19T15:00:00",
"dateReserved": "2015-02-12T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0164 (GCVE-0-2009-0164)
Vulnerability from cvelistv5
Published
2009-04-24 15:00
Modified
2024-08-07 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490597"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L3118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263070"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34665",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34665"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490597"
},
{
"name": "GLSA-200904-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L3118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263070"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34665",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34665"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=490597",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490597"
},
{
"name": "GLSA-200904-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"name": "http://www.cups.org/str.php?L3118",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L3118"
},
{
"name": "http://www.cups.org/articles.php?L582",
"refsource": "CONFIRM",
"url": "http://www.cups.org/articles.php?L582"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20090417 rPSA-2009-0061-1 cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=263070",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263070"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "34665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34665"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0164",
"datePublished": "2009-04-24T15:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26691 (GCVE-0-2022-26691)
Vulnerability from cvelistv5
Published
2022-05-26 17:47
Modified
2024-08-03 05:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- An application may be able to gain elevated privileges
Summary
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:11:44.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2022",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An application may be able to gain elevated privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-16T03:06:13",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-26691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2022"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application may be able to gain elevated privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"name": "https://support.apple.com/en-us/HT213184",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213184"
},
{
"name": "https://support.apple.com/en-us/HT213185",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213185"
},
{
"name": "[debian-lts-announce] 20220527 [SECURITY] [DLA 3029-1] cups security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"name": "DSA-5149",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md",
"refsource": "MISC",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"name": "FEDORA-2022-09a89bc265",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"name": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444",
"refsource": "MISC",
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"name": "FEDORA-2022-39e057bc6d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2022-26691",
"datePublished": "2022-05-26T17:47:59",
"dateReserved": "2022-03-08T00:00:00",
"dateUpdated": "2024-08-03T05:11:44.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5377 (GCVE-0-2008-5377)
Vulnerability from cvelistv5
Published
2008-12-08 23:00
Modified
2024-08-07 10:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-devel] 20080813 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.debian.org/debian-devel/2008/08/msg00347.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uvw.ru/report.sid.txt"
},
{
"name": "7550",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-devel] 20080813 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.debian.org/debian-devel/2008/08/msg00347.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uvw.ru/report.sid.txt"
},
{
"name": "7550",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-devel] 20080813 Re: Possible mass bug filing: The possibility of attack with the help of symlinks in some Debian packages",
"refsource": "MLIST",
"url": "http://lists.debian.org/debian-devel/2008/08/msg00347.html"
},
{
"name": "http://uvw.ru/report.sid.txt",
"refsource": "MISC",
"url": "http://uvw.ru/report.sid.txt"
},
{
"name": "7550",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5377",
"datePublished": "2008-12-08T23:00:00",
"dateReserved": "2008-12-08T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1033 (GCVE-0-2008-1033)
Vulnerability from cvelistv5
Published
2008-06-02 14:00
Modified
2024-08-07 08:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables."
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "macosx-cups-info-disclosure(42713)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42713"
},
{
"name": "29484",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29484"
},
{
"name": "TA08-150A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"name": "1020145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020145"
},
{
"name": "30430",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30430"
},
{
"name": "APPLE-SA-2008-05-28",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"name": "ADV-2008-1697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name": "29412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to \"authentication environment variables.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "macosx-cups-info-disclosure(42713)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42713"
},
{
"name": "29484",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29484"
},
{
"name": "TA08-150A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"name": "1020145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020145"
},
{
"name": "30430",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30430"
},
{
"name": "APPLE-SA-2008-05-28",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"name": "ADV-2008-1697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name": "29412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to \"authentication environment variables.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "macosx-cups-info-disclosure(42713)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42713"
},
{
"name": "29484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29484"
},
{
"name": "TA08-150A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"name": "1020145",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020145"
},
{
"name": "30430",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30430"
},
{
"name": "APPLE-SA-2008-05-28",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"name": "ADV-2008-1697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name": "29412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1033",
"datePublished": "2008-06-02T14:00:00",
"dateReserved": "2008-02-26T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5286 (GCVE-0-2008-5286)
Vulnerability from cvelistv5
Published
2008-12-01 15:00
Modified
2024-08-07 10:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20081201 (sort of urgent) CVE Request -- cups (repost)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/12/01/1"
},
{
"name": "33101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33101"
},
{
"name": "32518",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32518"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10058",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "RHSA-2008:1028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1028.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cups.org/str.php?L2974"
},
{
"name": "GLSA-200812-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml"
},
{
"name": "MDVSA-2009:029",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33568"
},
{
"name": "DSA-1677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1677"
},
{
"name": "32962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32962"
},
{
"name": "1021298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021298"
},
{
"name": "ADV-2008-3315",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3315"
},
{
"name": "cups-cupsimagereadpng-overflow(46933)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46933"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20081201 (sort of urgent) CVE Request -- cups (repost)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/12/01/1"
},
{
"name": "33101",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33101"
},
{
"name": "32518",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32518"
},
{
"name": "GLSA-200812-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10058",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058"
},
{
"name": "33111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33111"
},
{
"name": "RHSA-2008:1028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1028.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cups.org/str.php?L2974"
},
{
"name": "GLSA-200812-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml"
},
{
"name": "MDVSA-2009:029",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33568"
},
{
"name": "DSA-1677",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1677"
},
{
"name": "32962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32962"
},
{
"name": "1021298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021298"
},
{
"name": "ADV-2008-3315",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3315"
},
{
"name": "cups-cupsimagereadpng-overflow(46933)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46933"
},
{
"name": "MDVSA-2009:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20081201 (sort of urgent) CVE Request -- cups (repost)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/12/01/1"
},
{
"name": "33101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33101"
},
{
"name": "32518",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32518"
},
{
"name": "GLSA-200812-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"name": "oval:org.mitre.oval:def:10058",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058"
},
{
"name": "33111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33111"
},
{
"name": "RHSA-2008:1028",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1028.html"
},
{
"name": "http://www.cups.org/str.php?L2974",
"refsource": "CONFIRM",
"url": "http://www.cups.org/str.php?L2974"
},
{
"name": "GLSA-200812-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml"
},
{
"name": "MDVSA-2009:029",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"name": "SUSE-SR:2009:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33568"
},
{
"name": "DSA-1677",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1677"
},
{
"name": "32962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32962"
},
{
"name": "1021298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021298"
},
{
"name": "ADV-2008-3315",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3315"
},
{
"name": "cups-cupsimagereadpng-overflow(46933)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46933"
},
{
"name": "MDVSA-2009:028",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"name": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt",
"refsource": "CONFIRM",
"url": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5286",
"datePublished": "2008-12-01T15:00:00",
"dateReserved": "2008-12-01T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0949 (GCVE-0-2009-0949)
Vulnerability from cvelistv5
Published
2009-06-09 17:00
Modified
2024-08-07 04:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35169",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35169"
},
{
"name": "DSA-1811",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "oval:org.mitre.oval:def:9631",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"name": "35342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35342"
},
{
"name": "apple-cups-ipptag-dos(50926)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "USN-780-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-780-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability"
},
{
"name": "35328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35328"
},
{
"name": "RHSA-2009:1082",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "20090602 CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"name": "1022321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022321"
},
{
"name": "35322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35169",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35169"
},
{
"name": "DSA-1811",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"name": "35340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35340"
},
{
"name": "oval:org.mitre.oval:def:9631",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"name": "35342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35342"
},
{
"name": "apple-cups-ipptag-dos(50926)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"name": "APPLE-SA-2009-09-10-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "USN-780-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-780-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability"
},
{
"name": "35328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35328"
},
{
"name": "RHSA-2009:1082",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html"
},
{
"name": "35685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35685"
},
{
"name": "SUSE-SR:2009:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36701"
},
{
"name": "20090602 CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"name": "RHSA-2009:1083",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"name": "1022321",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022321"
},
{
"name": "35322",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35169"
},
{
"name": "DSA-1811",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"name": "35340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35340"
},
{
"name": "oval:org.mitre.oval:def:9631",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=500972",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"name": "35342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35342"
},
{
"name": "apple-cups-ipptag-dos(50926)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name": "USN-780-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-780-1"
},
{
"name": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability"
},
{
"name": "35328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35328"
},
{
"name": "RHSA-2009:1082",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html"
},
{
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
},
{
"name": "20090602 CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"name": "RHSA-2009:1083",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"name": "1022321",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022321"
},
{
"name": "35322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0949",
"datePublished": "2009-06-09T17:00:00",
"dateReserved": "2009-03-18T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2010-11-05 17:00
Modified
2025-04-11 00:51
Severity ?
Summary
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox | Broken Link | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html | Mailing List | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html | Mailing List | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html | Mailing List | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | Mailing List | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2010-0811.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/42287 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/42867 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/43521 | Broken Link | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1024662 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 | Broken Link | |
| secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
| secalert@redhat.com | http://www.debian.org/security/2011/dsa-2176 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | Broken Link | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 | Broken Link | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | Broken Link | |
| secalert@redhat.com | http://www.osvdb.org/68951 | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0866.html | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/bid/44530 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1012-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2856 | Broken Link, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3042 | Broken Link | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3088 | Broken Link | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0061 | Broken Link | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=624438 | Issue Tracking, Patch | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2010-0811.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42287 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42867 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024662 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/68951 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0866.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/44530 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1012-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2856 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3042 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3088 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0061 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=624438 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| apple | mac_os_x_server | * | |
| fedoraproject | fedora | 12 | |
| fedoraproject | fedora | 13 | |
| fedoraproject | fedora | 14 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 10.10 | |
| debian | debian_linux | 5.0 | |
| opensuse | opensuse | 11.1 | |
| opensuse | opensuse | 11.2 | |
| opensuse | opensuse | 11.3 | |
| suse | linux_enterprise | 10.0 | |
| suse | linux_enterprise | 11.0 | |
| suse | linux_enterprise | 11.0 | |
| suse | linux_enterprise_server | 9 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54EE6E16-85C5-41AF-970A-FD6C5408B71E",
"versionEndIncluding": "1.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80C038E4-C24D-45E9-8287-C205C0C07809",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DA1D55-B689-47CF-A55F-3C16DA4EFFFF",
"versionEndIncluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F89C200-D340-4BB4-BC82-C26629184C5C",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924AFEE6-E331-4E10-B1B8-1FF1FF801120",
"versionEndIncluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "C0507E91-567A-41D6-A7E5-5088A39F75FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "1193A7E6-DCB4-4E79-A509-1D6948153A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1608E282-2E96-4447-848D-DBE915DB0EF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4500161F-13A0-4369-B93A-778B34E7F005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request."
},
{
"lang": "es",
"value": "ipp.c en cupsd en CUPS v1.4.4 y anteriores no asigna correctamente memoria para valores de atributo con tipos de datos de cadena inv\u00e1lidos, permitiendo a atacantes remotos provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario mediante una solicitud IPP manipulada."
}
],
"id": "CVE-2010-2941",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2010-11-05T17:00:01.843",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42287"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42867"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1024662"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.468323"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/68951"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0866.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/44530"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1012-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3042"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3088"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624438"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1024662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.468323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/68951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0866.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/44530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1012-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=624438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62882"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-19 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cups.org/str.php?L3914 | Patch | |
| cve@mitre.org | http://secunia.com/advisories/45796 | ||
| cve@mitre.org | http://secunia.com/advisories/46024 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| cve@mitre.org | http://www.debian.org/security/2011/dsa-2354 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:147 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/49323 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1025980 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1207-1 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=727800 | Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/69380 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3914 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45796 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46024 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2354 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:147 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49323 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1025980 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1207-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=727800 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/69380 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 | |
| apple | cups | 1.4.3 | |
| apple | cups | 1.4.4 | |
| apple | cups | 1.4.5 | |
| apple | cups | 1.4.6 | |
| apple | cups | 1.4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77F44173-1283-4A93-87B0-08074F867B4E",
"versionEndIncluding": "1.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "9CF904C7-519F-4C54-9046-59B87A9BA1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b2:*:*:*:*:*:*",
"matchCriteriaId": "DA965F26-4400-4D8C-8015-44349E3AFE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b3:*:*:*:*:*:*",
"matchCriteriaId": "F75BC48C-DE9F-4E2C-81DF-F166B8DD951F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1F4C49E3-BCCC-4041-81ED-4EB55770E09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466D4C-912B-45C9-83C6-BA24DB9D8BD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E33F8DA5-75F4-42F8-BC99-632FCD5A3F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41C5C1CB-B0EF-4DC8-AF78-8025997623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B37E1-48B8-4AD9-8DA2-D90366140740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7F79E765-9F02-4E97-ACBE-C3397C30DD2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896."
},
{
"lang": "es",
"value": "La funci\u00f3n gif_read_lzw en filter/image-gif.c en CUPS v1.4.8 y anteriores no controla correctamente la primera WORD de c\u00f3digo en un flujo LZW, lo que permite provocar un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) a atacantes remotos, y posiblemente, ejecutar c\u00f3digo de su elecci\u00f3n, a trav\u00e9s de un stream debidamente modificado. Se trata de una vulnerabilidad diferente a la CVE-2011.2896."
}
],
"id": "CVE-2011-3170",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-19T17:55:03.363",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cups.org/str.php?L3914"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/45796"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46024"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/49323"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025980"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cups.org/str.php?L3914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69380"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://cups.org/articles.php?L596 | Release Notes | |
| secalert@redhat.com | http://cups.org/str.php?L3490 | Release Notes | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html | Mailing List | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html | Mailing List | |
| secalert@redhat.com | http://secunia.com/advisories/38785 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/38927 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/38979 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/40220 | Broken Link | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| secalert@redhat.com | http://support.apple.com/kb/HT4188 | Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/bid/38510 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id?1024124 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-906-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1481 | Broken Link | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=557775 | Issue Tracking, Patch | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216 | Broken Link | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0129.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/articles.php?L596 | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3490 | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38785 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38927 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38979 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40220 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4188 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/38510 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1024124 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-906-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1481 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=557775 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0129.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| apple | mac_os_x_server | * | |
| fedoraproject | fedora | 11 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_eus | 5.4 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9779FF46-9FB1-4F6A-8633-AC5D3FB5A96C",
"versionEndExcluding": "1.4.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80C038E4-C24D-45E9-8287-C205C0C07809",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25512493-BB20-46B2-B40A-74E67F0797B6",
"versionEndExcluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F89C200-D340-4BB4-BC82-C26629184C5C",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7461BE-1CAC-46D6-95E6-1B2DFC5A4CCF",
"versionEndExcluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BB5EDB-520B-4DEF-B06E-65CA13152824",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD6917D-FE03-487F-9F2C-A79B5FCFBC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despues de liberacion en el interfaz de gestion de descriptores de fichero en la funcion cupsdDoSelect en scheduler/select.c en the scheduler en cupsd en CUPS v1.3.7, v1.3.9, v1.3.10, y v1.4.1, cuando se utiliza kqueue o epoll, permite a atacantes remotos producir una denegacion de servicio (caida de demonio o cuelgue) a traves de la desconexion del cliente durante el listado de un gran numero de trabajos de imporesion, relacionados con el inadecuado mantenimiento del numero de referencias. NOTA: Algunos de los detalles fueron obtenidos de terceras partes. NOTA; Esta vulnerabilidad se ha producido por un arreglo incompleto de CVE-2009-3553."
}
],
"id": "CVE-2010-0302",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2010-03-05T19:30:00.437",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://cups.org/str.php?L3490"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38785"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38927"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38979"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40220"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/38510"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024124"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=557775"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0129.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://cups.org/str.php?L3490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/38510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=557775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0129.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-21 02:30
Modified
2025-04-09 00:30
Severity ?
Summary
The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@ubuntu.com | http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html | ||
| security@ubuntu.com | http://www.cups.org/str.php?L2774 | ||
| security@ubuntu.com | http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ | Exploit | |
| security@ubuntu.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| security@ubuntu.com | http://www.openwall.com/lists/oss-security/2008/11/19/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L2774 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/11/19/3 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8DB5A3-0C79-4D3D-BF78-7448D527B670",
"versionEndIncluding": "1.3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions."
},
{
"lang": "es",
"value": "La interfaz web (cgi-bin/admin.c) en CUPS antes de v1.3.8 utiliza un nombre de usuario de invitado cuando un usuario no esta conectado al servidor web, lo cual facilita a atacantes remotos evitar la pol\u00edtica y conducir un ataque CSRF a trav\u00e9s de las funciones (1) add y (2) cancel suscripciones RSS."
}
],
"id": "CVE-2008-5184",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-21T02:30:00.467",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"source": "security@ubuntu.com",
"url": "http://www.cups.org/str.php?L2774"
},
{
"source": "security@ubuntu.com",
"tags": [
"Exploit"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "security@ubuntu.com",
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3, 4, or 5. Versions shipped do not support RSS subscriptions.",
"lastModified": "2008-12-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886 | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1022072 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022072 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una vulnerabilidad de lectura fuera de l\u00edmites."
}
],
"id": "CVE-2009-0799",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.703",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| cve@mitre.org | http://secunia.com/advisories/34481 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34722 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34747 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34756 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34852 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| cve@mitre.org | http://www.cups.org/articles.php?L582 | ||
| cve@mitre.org | http://www.cups.org/str.php?L3031 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1773 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0428.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34571 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022070 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-760-1 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=490596 | Patch | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34722 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34747 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/articles.php?L582 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L3031 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1773 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0428.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34571 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022070 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-760-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=490596 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow."
},
{
"lang": "es",
"value": "El desbordamiento de enteros en las rutinas de decodificaci\u00f3n de im\u00e1genes TIFF en CUPS versiones 1.3.9 y anteriores, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) y posiblemente ejecutar c\u00f3digo arbitrario por medio de una imagen TIFF dise\u00f1ada, que no es manejado apropiadamente por la funci\u00f3n _cupsImageReadTIFF (1) en el filtro imagetops y (2) el filtro imagetoraster, lo que conduce a un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
}
],
"id": "CVE-2009-0163",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.577",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34722"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34747"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/articles.php?L582"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/str.php?L3031"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1773"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0428.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34571"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022070"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-760-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490596"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/articles.php?L582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L3031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0428.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-760-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-24 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=263070 | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| cve@mitre.org | http://secunia.com/advisories/35074 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| cve@mitre.org | http://support.apple.com/kb/HT3549 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| cve@mitre.org | http://www.cups.org/articles.php?L582 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.cups.org/str.php?L3118 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34665 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1297 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=490597 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=263070 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/articles.php?L582 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L3118 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34665 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=490597 | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks."
},
{
"lang": "es",
"value": "La interfaz web de CUPS antes de v1.3.10 no valida la cabecera HTTP Host en una solicitud de un cliente, lo que facilita para realizar ataques de revinculaci\u00f3n de DNS a atacantes remotos."
}
],
"id": "CVE-2009-0164",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-24T15:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263070"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35074"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L3118"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34665"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/articles.php?L582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L3118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490597"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0164\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\n",
"lastModified": "2009-04-27T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-03 18:29
Modified
2024-11-21 04:07
Severity ?
Summary
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| product-security@apple.com | http://www.securityfocus.com/bid/107785 | Third Party Advisory | |
| product-security@apple.com | https://github.com/apple/cups/releases/tag/v2.2.10 | Release Notes, Third Party Advisory | |
| product-security@apple.com | https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107785 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apple/cups/releases/tag/v2.2.10 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B24CA2D-FC2D-4C8D-9B5A-84A14486F1E9",
"versionEndExcluding": "2.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10."
},
{
"lang": "es",
"value": "La cookie de sesi\u00f3n generada por la interfaz web de CUPS era f\u00e1cil de adivinar en Linux, permitiendo un acceso de script no autorizado a la interfaz web cuando est\u00e1 deshabilitada. Este problema afectaba a las versiones anteriores a la v2.2.10."
}
],
"id": "CVE-2018-4300",
"lastModified": "2024-11-21T04:07:09.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-03T18:29:06.017",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/107785"
},
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.10"
},
{
"source": "product-security@apple.com",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/107785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00028.html"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-26 18:15
Modified
2024-11-21 06:54
Severity ?
Summary
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| product-security@apple.com | https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 | Patch, Third Party Advisory | |
| product-security@apple.com | https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md | Third Party Advisory | |
| product-security@apple.com | https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html | Mailing List, Third Party Advisory | |
| product-security@apple.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/ | ||
| product-security@apple.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/ | ||
| product-security@apple.com | https://support.apple.com/en-us/HT213183 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213184 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://support.apple.com/en-us/HT213185 | Release Notes, Vendor Advisory | |
| product-security@apple.com | https://www.debian.org/security/2022/dsa-5149 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/en-us/HT213183 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/en-us/HT213184 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/en-us/HT213185 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5149 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | mac_os_x | 10.15.7 | |
| apple | macos | * | |
| apple | macos | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| openprinting | cups | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D804588E-266F-4F74-8D1B-C9E7EB5369DC",
"versionEndExcluding": "499.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8A73F8-3074-4B32-B9F6-343B6B1988C5",
"versionEndExcluding": "10.15.7",
"versionStartIncluding": "10.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*",
"matchCriteriaId": "F12CC8B5-C1EB-419E-8496-B9A3864656AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*",
"matchCriteriaId": "7FD7176C-F4D1-43A7-9E49-BA92CA0D9980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*",
"matchCriteriaId": "2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"matchCriteriaId": "8E974DC6-F7D9-4389-9AF9-863F6E419CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"matchCriteriaId": "156A6382-2BD3-4882-90B2-8E7CF6659E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"matchCriteriaId": "20A2FDB2-6712-406A-9896-C0B44508B07D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*",
"matchCriteriaId": "C1C795B9-E58D-467C-83A8-2D45C792292F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCD1738-94C6-42DF-8699-BC96589F7221",
"versionEndExcluding": "11.6.5",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A086223-FCC8-48F6-9B75-D8A533BF93D2",
"versionEndExcluding": "12.3",
"versionStartExcluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDE6989-2E7A-4564-A310-960CF13CF925",
"versionEndExcluding": "2.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema de l\u00f3gica con una administraci\u00f3n de estados mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versi\u00f3n 12.3, macOS Big Sur versi\u00f3n 11.6.5. Una aplicaci\u00f3n puede ser capaz de alcanzar altos privilegios"
}
],
"id": "CVE-2022-26691",
"lastModified": "2024-11-21T06:54:19.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-26T18:15:09.340",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"source": "product-security@apple.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"source": "product-security@apple.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
},
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5149"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-697"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-23 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| secalert@redhat.com | http://secunia.com/advisories/59945 | ||
| secalert@redhat.com | http://secunia.com/advisories/60273 | ||
| secalert@redhat.com | http://secunia.com/advisories/60787 | ||
| secalert@redhat.com | http://www.cups.org/blog.php?L724 | Vendor Advisory | |
| secalert@redhat.com | http://www.cups.org/str.php?L4450 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/68788 | Vendor Advisory | |
| secalert@redhat.com | http://www.securitytracker.com/id/1030611 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2293-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1115576 | ||
| secalert@redhat.com | https://support.apple.com/kb/HT6535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59945 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60273 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60787 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/blog.php?L724 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L4450 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68788 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030611 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2293-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1115576 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/kb/HT6535 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.7 | |
| apple | cups | 1.7.0 | |
| apple | cups | 1.7.1 | |
| apple | cups | 1.7.1 | |
| apple | cups | 1.7.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| fedoraproject | fedora | 20 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83BA187A-5E24-4307-93F0-7F1046A6B777",
"versionEndIncluding": "1.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "055893FF-4833-4BDC-9C6B-B4BDD0F59942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F911CF9B-673B-4783-BE33-1D233F75BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD0A09C-DCE7-4873-AC60-68EC747BD1F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "54164748-5511-4B90-BD1B-75C0D89532A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C950144A-DAAB-4E2E-84A6-9C356CDC8EAC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/."
},
{
"lang": "es",
"value": "La interfaz web en CUPS anterior a 1.7.4 permite a usuarios locales en el grupo lp leer ficheros arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un fichero en /var/cache/cups/rss/."
}
],
"id": "CVE-2014-3537",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-23T14:55:05.883",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "secalert@redhat.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/59945"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60273"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cups.org/blog.php?L724"
},
{
"source": "secalert@redhat.com",
"url": "http://www.cups.org/str.php?L4450"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/68788"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1030611"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2293-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/kb/HT6535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cups.org/blog.php?L724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L4450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/68788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2293-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT6535"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-18 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://advisories.mageia.org/MGASA-2014-0193.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| cve@mitre.org | http://secunia.com/advisories/57880 | Vendor Advisory | |
| cve@mitre.org | http://www.cups.org/documentation.php/relnotes.html | ||
| cve@mitre.org | http://www.cups.org/str.php?L4356 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/04/14/2 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/04/15/3 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/66788 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2172-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0193.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57880 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/documentation.php/relnotes.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L4356 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/04/14/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/04/15/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66788 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2172-1 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 | |
| apple | cups | 1.4.3 | |
| apple | cups | 1.4.4 | |
| apple | cups | 1.4.5 | |
| apple | cups | 1.4.6 | |
| apple | cups | 1.4.7 | |
| apple | cups | 1.4.8 | |
| apple | cups | 1.5 | |
| apple | cups | 1.5 | |
| apple | cups | 1.5 | |
| apple | cups | 1.5.0 | |
| apple | cups | 1.5.1 | |
| apple | cups | 1.5.2 | |
| apple | cups | 1.5.3 | |
| apple | cups | 1.5.4 | |
| apple | cups | 1.6 | |
| apple | cups | 1.6 | |
| apple | cups | 1.6.1 | |
| apple | cups | 1.6.2 | |
| apple | cups | 1.6.3 | |
| apple | cups | 1.6.4 | |
| apple | cups | 1.7 | |
| apple | cups | 1.7.0 | |
| apple | cups | 1.7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030474D2-59A2-43FE-8292-EE2314BD1462",
"versionEndIncluding": "1.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "9CF904C7-519F-4C54-9046-59B87A9BA1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b2:*:*:*:*:*:*",
"matchCriteriaId": "DA965F26-4400-4D8C-8015-44349E3AFE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:b3:*:*:*:*:*:*",
"matchCriteriaId": "F75BC48C-DE9F-4E2C-81DF-F166B8DD951F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1F4C49E3-BCCC-4041-81ED-4EB55770E09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9466D4C-912B-45C9-83C6-BA24DB9D8BD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E33F8DA5-75F4-42F8-BC99-632FCD5A3F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41C5C1CB-B0EF-4DC8-AF78-8025997623D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B37E1-48B8-4AD9-8DA2-D90366140740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7F79E765-9F02-4E97-ACBE-C3397C30DD2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6FB4C96-693A-4FA4-B88E-FA7C898E34FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "3FCCDA03-B891-4883-91F9-A49F2CF846CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5:b2:*:*:*:*:*:*",
"matchCriteriaId": "A62CDEC1-95A9-435A-90D8-FFBDE9EC8F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1042AD66-47F8-46BB-8381-3F09D3707E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22067C45-2F5D-4ACD-A0D6-75368A2094D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86D6672E-8132-469C-BA1A-24FD28856880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4140067D-C76D-4B78-ABB7-8234C862330E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1DF455-FA70-4293-9785-2CFF542F06A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB9BC5-9E13-4F69-8979-9F4A7A5D6FAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6:b1:*:*:*:*:*:*",
"matchCriteriaId": "E15D4F57-094D-4E69-B115-3106F100ED52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "974D0C06-2EBC-42C7-A2DB-93C175B5DB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C804DF-9776-4603-ABFE-ADAC28C0BAB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77F52D4B-76FD-49D1-84C8-E2D69B7C1FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "569593DC-7560-49EF-B67F-6A7E48ED00D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68172867-9341-4254-847D-552B9FBC4CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "055893FF-4833-4BDC-9C6B-B4BDD0F59942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F911CF9B-673B-4783-BE33-1D233F75BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "54164748-5511-4B90-BD1B-75C0D89532A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en scheduler/client.c en Common Unix Printing System (CUPS) anterior a 1.7.2 permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de la ruta de URL, relacionado con la funci\u00f3n is_path_absolute."
}
],
"id": "CVE-2014-2856",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-04-18T14:55:26.040",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57880"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/str.php?L4356"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66788"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0193.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/documentation.php/relnotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L4356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/04/14/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/04/15/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2172-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-22 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cups.org/articles.php?L596 | Patch, Vendor Advisory | |
| cve@mitre.org | http://cups.org/str.php?L3510 | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2010-0811.html | ||
| cve@mitre.org | http://secunia.com/advisories/43521 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| cve@mitre.org | http://www.debian.org/security/2011/dsa-2176 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/2856 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0535 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=605397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/articles.php?L596 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3510 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2010-0811.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2856 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=605397 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB4C70A-5B61-46A2-927F-94522D6BA71D",
"versionEndIncluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file."
},
{
"lang": "es",
"value": "La funci\u00f3n cupsFileOpen en CUPS en versiones anteriores a la 1.4.4 permite a usuarios locales que pertenezcan al grupo lp, sobreescribir ficheros de su elecci\u00f3n mediante un ataque de enlace simb\u00f3lico en el fichero (1) /var/cache/cups/remote.cache o (2) /var/cache/cups/job.cache."
}
],
"id": "CVE-2010-2431",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-22T20:30:01.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "cve@mitre.org",
"url": "http://cups.org/str.php?L3510"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cups.org/str.php?L3510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0811.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=605397"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-20 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791 | Exploit | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-0580.html | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5784 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/11/10/5 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/11/11/2 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/11/11/5 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/56494 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1654-1 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/80012 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0580.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5784 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/11/10/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/11/11/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/11/11/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56494 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1654-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/80012 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.4.4 | |
| debian | debian_linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E33F8DA5-75F4-42F8-BC99-632FCD5A3F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8919F1-CD33-437E-9627-69352B276BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface."
},
{
"lang": "es",
"value": "CUPS v1.4.4, cuando se ejecuta en ciertas distribuciones de Linux como Debian GNU/Linux, almacena la la clave de la interfaz web del administrador en /var/run/cups/certs/0 con ciertos permisos, lo que permite a los usuarios locales en el grupo lpadmin leer o escribir archivos arbitrarios como root mediante el aprovechamiento de la interfaz web."
}
],
"id": "CVE-2012-5519",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-20T00:55:01.337",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0580.html"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5784"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/56494"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1654-1"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0580.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/11/11/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1654-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-26 05:00
Modified
2025-04-03 01:03
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html | Broken Link | |
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 | Broken Link | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104032149026670&w=2 | Mailing List | |
| cve@mitre.org | http://www.debian.org/security/2003/dsa-232 | Third Party Advisory | |
| cve@mitre.org | http://www.idefense.com/advisory/12.19.02.txt | Broken Link, Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 | Broken Link | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2003_002_cups.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-295.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/6440 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/10912 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104032149026670&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-232 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/advisory/12.19.02.txt | Broken Link, Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2003_002_cups.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-295.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6440 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/10912 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB349B56-37FA-4ECB-8260-AFBF6B324B34",
"versionEndIncluding": "1.1.17",
"versionStartIncluding": "1.1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta."
},
{
"lang": "es",
"value": "Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no comprueba adecuadamente los valores de retorno de varias operaciones de ficheros y sockets, lo que podr\u00eda permitir a un atacante remoto causar una denegaci\u00f3n de servicio (consumici\u00f3n de recursos) haciendo que descriptores de ficheros sean asignados y no liberados, como ha sido demostrado por fanta."
}
],
"id": "CVE-2002-1372",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2002-12-26T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/6440"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104032149026670\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/12.19.02.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2003_002_cups.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-295.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/6440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10912"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.cups.org/str.php?L700 | Broken Link, Patch | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2005_18_sr.html | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2005-571.html | Broken Link | |
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-185-1 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274 | Issue Tracking | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L700 | Broken Link, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_18_sr.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-571.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-185-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940 | Broken Link |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F835149-D8DC-4086-8A1A-6DA6F0B1641F",
"versionEndExcluding": "1.1.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:-:*:*:*:*:*:*",
"matchCriteriaId": "1AE87AA4-1F4C-46CC-8365-6390B5E9C2D7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive."
}
],
"id": "CVE-2004-2154",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://www.cups.org/str.php?L700"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-571.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-185-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://www.cups.org/str.php?L700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-571.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-185-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-178"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-178"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-21 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| product-security@apple.com | http://cups.org/articles.php?L596 | Patch | |
| product-security@apple.com | http://cups.org/str.php?L3516 | ||
| product-security@apple.com | http://cups.org/strfiles/3516/str3516.patch | Patch | |
| product-security@apple.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | ||
| product-security@apple.com | http://secunia.com/advisories/43521 | ||
| product-security@apple.com | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| product-security@apple.com | http://securitytracker.com/id?1024121 | ||
| product-security@apple.com | http://www.debian.org/security/2011/dsa-2176 | ||
| product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| product-security@apple.com | http://www.securityfocus.com/bid/40943 | ||
| product-security@apple.com | http://www.vupen.com/english/advisories/2011/0535 | ||
| product-security@apple.com | https://bugzilla.redhat.com/show_bug.cgi?id=587746 | Patch | |
| product-security@apple.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/articles.php?L596 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3516 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/strfiles/3516/str3516.patch | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024121 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/40943 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=587746 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB4C70A-5B61-46A2-927F-94522D6BA71D",
"versionEndIncluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "La funci\u00f3n _WriteProlog de texttops.c en texttops en el subsistema Text Filter de CUPS en versiones anteriores a la v1.4.4 no chequea los valores devueltos de ciertas llamadas calloc, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (dereferenciaci\u00f3n de puntero nulo o corrupci\u00f3n de la memoria din\u00e1mica) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero modificado."
}
],
"id": "CVE-2010-0542",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-06-21T16:30:01.087",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "product-security@apple.com",
"url": "http://cups.org/str.php?L3516"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch"
],
"url": "http://cups.org/strfiles/3516/str3516.patch"
},
{
"source": "product-security@apple.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "product-security@apple.com",
"url": "http://secunia.com/advisories/43521"
},
{
"source": "product-security@apple.com",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "product-security@apple.com",
"url": "http://securitytracker.com/id?1024121"
},
{
"source": "product-security@apple.com",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "product-security@apple.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "product-security@apple.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "product-security@apple.com",
"url": "http://www.securityfocus.com/bid/40943"
},
{
"source": "product-security@apple.com",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=587746"
},
{
"source": "product-security@apple.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cups.org/str.php?L3516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cups.org/strfiles/3516/str3516.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=587746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| cve@mitre.org | http://support.apple.com/kb/HT4077 | ||
| cve@mitre.org | http://www.cups.org/str.php?L3482 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:072 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/38524 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-906-1 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=558460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4077 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L3482 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:072 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/38524 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-906-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=558460 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers."
},
{
"lang": "es",
"value": "La funcion _cupsGetlang, tal y como se utiliza en lppasswd.c en lppasswd en CUPS v1.2.2, v1.3.7, v1.3.9, y v1.4.1, cuenta con una situacion variable para determinar el fichero que provee cadenas de localizacion de un mensaje, lo que permite a usuarios locales ganar privilegios a traves de un fichero que contiene datos de localizacion manipulados con ciertos formatos de cadena."
}
],
"id": "CVE-2010-0393",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-03-05T19:30:00.470",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/str.php?L3482"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:072"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38524"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=558460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L3482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=558460"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affected Red Hat Enterprise Linux 3 and 4 due to the lack of localization in lppasswd as provided in those releases.\n\nThe affected code is present in Red Hat Enterprise Linux 5, however lppasswd is not shipped setuid so is not vulnerable to this issue. If a user were to enable the setuid bit on lppasswd, the impact would only be a crash of lppasswd due to use of FORTIFY_SOURCE protections. Therefore, there are no plans to correct this issue in Red Hat Enterprise Linux 5.",
"lastModified": "2010-03-09T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-21 02:30
Modified
2025-04-09 00:30
Severity ?
Summary
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@ubuntu.com | http://lab.gnucitizen.org/projects/cups-0day | Broken Link | |
| security@ubuntu.com | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | Mailing List | |
| security@ubuntu.com | http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html | Mailing List | |
| security@ubuntu.com | http://secunia.com/advisories/33937 | Broken Link | |
| security@ubuntu.com | http://secunia.com/advisories/43521 | Broken Link | |
| security@ubuntu.com | http://support.apple.com/kb/HT3438 | Third Party Advisory | |
| security@ubuntu.com | http://www.debian.org/security/2011/dsa-2176 | Third Party Advisory | |
| security@ubuntu.com | http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ | Broken Link | |
| security@ubuntu.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | Broken Link | |
| security@ubuntu.com | http://www.openwall.com/lists/oss-security/2008/11/19/3 | Mailing List | |
| security@ubuntu.com | http://www.openwall.com/lists/oss-security/2008/11/19/4 | Mailing List | |
| security@ubuntu.com | http://www.openwall.com/lists/oss-security/2008/11/20/1 | Mailing List | |
| security@ubuntu.com | http://www.redhat.com/support/errata/RHSA-2008-1029.html | Broken Link | |
| security@ubuntu.com | http://www.securityfocus.com/bid/32419 | Broken Link, Third Party Advisory, VDB Entry | |
| security@ubuntu.com | http://www.securitytracker.com/id?1021396 | Broken Link, Third Party Advisory, VDB Entry | |
| security@ubuntu.com | http://www.vupen.com/english/advisories/2009/0422 | Broken Link | |
| security@ubuntu.com | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| security@ubuntu.com | https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241 | Issue Tracking | |
| security@ubuntu.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/46684 | Third Party Advisory, VDB Entry | |
| security@ubuntu.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586 | Broken Link | |
| security@ubuntu.com | https://www.exploit-db.com/exploits/7150 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lab.gnucitizen.org/projects/cups-0day | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/11/19/3 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/11/19/4 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/11/20/1 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-1029.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/32419 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021396 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/0422 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/46684 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/7150 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| opensuse | opensuse | 11.0 | |
| debian | debian_linux | 5.0 | |
| debian | debian_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9759850-4805-447C-AF3F-5CD462E24810",
"versionEndExcluding": "10.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2779F6D3-C4B4-4600-88EF-24B26741CEB8",
"versionEndExcluding": "10.5.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B42AB65-443B-4655-BAEA-4EB4A43D9509",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184."
},
{
"lang": "es",
"value": "cupsd en CUPS versi\u00f3n 1.3.9 y anteriores, permite a los usuarios locales, y posiblemente atacantes remotos, causar una denegaci\u00f3n de servicio (bloqueo del demonio) mediante la adici\u00f3n de un gran n\u00famero de Suscripciones RSS, que desencadena una desreferencia de puntero NULL. NOTA: este problema puede ser desencadenado remotamente mediante el aprovechamiento de CVE-2008-5184."
}
],
"id": "CVE-2008-5183",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2008-11-21T02:30:00.453",
"references": [
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://lab.gnucitizen.org/projects/cups-0day"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/33937"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/4"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/1"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32419"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021396"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/0422"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "security@ubuntu.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684"
},
{
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/7150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lab.gnucitizen.org/projects/cups-0day"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/33937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/19/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-1029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/0422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/cups/+bug/298241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/7150"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-18 23:44
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://docs.info.apple.com/article.html?artnum=307562 | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html | Patch | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html | ||
| cve@mitre.org | http://secunia.com/advisories/29420 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29573 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29603 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29630 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29634 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29655 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29659 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29750 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31324 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200804-01.xml | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1625 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:081 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0192.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0206.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28304 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28334 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1019672 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-598-1 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-079A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0924/references | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41272 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://docs.info.apple.com/article.html?artnum=307562 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29420 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29573 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29603 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29630 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29634 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29655 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29659 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29750 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31324 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200804-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1625 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:081 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0192.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0206.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28304 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28334 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019672 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-598-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-079A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0924/references | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41272 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "604D0E97-6CCF-4793-9A13-647CA5FFB9E2",
"versionEndIncluding": "1.3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el filtro HP-GL/2-a-PostScript en CUPS versiones anteriores a 1.3.6, podr\u00edan permitir a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo HP-GL/2 dise\u00f1ado."
}
],
"id": "CVE-2008-0053",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-18T23:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29573"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29603"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29630"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29634"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29655"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29659"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29750"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31324"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200804-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1625"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:081"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0192.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28304"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28334"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019672"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-598-1"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41272"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0192.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-598-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-079A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "NVD clarification:\n\nTo exploit this flaw an attacker needs to print a malicious file through the vulnerable filter (either themselves or by convincing a victim to do so), it should therefore be AC:M\n\nIn CUPS, print filters run as an unprivileged user no superuser (root), therefore this should be scored C:P, I:P, A:P",
"lastModified": "2008-05-15T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=263028 | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| cve@mitre.org | http://secunia.com/advisories/34291 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34481 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34755 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34756 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34852 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34959 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34963 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34991 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35037 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35064 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35065 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35074 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35618 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35685 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3549 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3639 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0059 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1790 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1793 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/502761/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34568 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022073 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=490614 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=263028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3639 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0059 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502761/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=490614 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos enteros en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anterior, y otros productos permiten a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado, relacionado a (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg y (3) JBIG2Stream::readGenericBitmap."
}
],
"id": "CVE-2009-0147",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.563",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35074"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-09 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://secunia.com/advisories/35340 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | ||
| secalert@redhat.com | http://secunia.com/advisories/37023 | ||
| secalert@redhat.com | http://secunia.com/advisories/37028 | ||
| secalert@redhat.com | http://secunia.com/advisories/37037 | ||
| secalert@redhat.com | http://secunia.com/advisories/37043 | ||
| secalert@redhat.com | http://secunia.com/advisories/37077 | ||
| secalert@redhat.com | http://secunia.com/advisories/37079 | ||
| secalert@redhat.com | http://securitytracker.com/id?1022326 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1083.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/35195 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1488 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/2928 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=491840 | Patch | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/50941 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534 | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2009-1500.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2009-1501.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2009-1502.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2009-1503.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2009-1512.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35340 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37023 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37037 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37043 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37077 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37079 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022326 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1083.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/35195 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1488 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/2928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=491840 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50941 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1500.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1501.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1502.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1503.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1512.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en el filtro pdftops en CUPS v1.1.17, v1.1.22 y v1.3.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero PDF manipulado que dispara una desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap), posiblemente relacionado con (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx y (5) PSOutputDev.cxx en pdftops/. NOTA: el vector JBIG2Stream.cxx podr\u00eda solapar CVE-2009-1179."
}
],
"id": "CVE-2009-0791",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-09T17:30:00.267",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37023"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37028"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37037"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37043"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37077"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37079"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1022326"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/35195"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50941"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/2928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1500.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1501.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1503.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1512.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-17 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| product-security@apple.com | http://cups.org/articles.php?L596 | ||
| product-security@apple.com | http://cups.org/str.php?L3577 | ||
| product-security@apple.com | http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html | Vendor Advisory | |
| product-security@apple.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | ||
| product-security@apple.com | http://secunia.com/advisories/40220 | Vendor Advisory | |
| product-security@apple.com | http://secunia.com/advisories/43521 | Vendor Advisory | |
| product-security@apple.com | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| product-security@apple.com | http://support.apple.com/kb/HT4188 | Patch, Vendor Advisory | |
| product-security@apple.com | http://www.debian.org/security/2011/dsa-2176 | ||
| product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| product-security@apple.com | http://www.securityfocus.com/bid/40871 | Patch | |
| product-security@apple.com | http://www.vupen.com/english/advisories/2010/1481 | Vendor Advisory | |
| product-security@apple.com | http://www.vupen.com/english/advisories/2011/0535 | Vendor Advisory | |
| product-security@apple.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/articles.php?L596 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3577 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40220 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4188 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/40871 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 | |
| apple | mac_os_x | 10.5.8 | |
| apple | mac_os_x | 10.6.0 | |
| apple | mac_os_x | 10.6.1 | |
| apple | mac_os_x | 10.6.2 | |
| apple | mac_os_x | 10.6.3 | |
| apple | mac_os_x_server | 10.5.8 | |
| apple | mac_os_x_server | 10.6.0 | |
| apple | mac_os_x_server | 10.6.1 | |
| apple | mac_os_x_server | 10.6.2 | |
| apple | mac_os_x_server | 10.6.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB4C70A-5B61-46A2-927F-94522D6BA71D",
"versionEndIncluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BE138D-619B-4E44-BFB2-8DFE5F0D1E12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect\u0026URL=% and (2) /admin?URL=/admin/\u0026OP=% URIs."
},
{
"lang": "es",
"value": "La funci\u00f3n cgi_initialize_string en el archivo cgi-bin/var.c en la interfaz web en CUPS anterior a versi\u00f3n 1.4.4, tal y como es usado sobre Mac OS X versi\u00f3n 10.5.8, Mac OS X versiones 10.6 anteriores a 10.6.4, de Apple, y otras plataformas, no maneja apropiadamente los par\u00e1metros values que contienen un car\u00e1cter % (porcentaje) sin dos caracteres hexadecimales posteriores, lo que permite a los atacantes dependiendo del contexto obtener informaci\u00f3n confidencial de la memoria del proceso cupsd por medio de una petici\u00f3n especialmente dise\u00f1ada, como es demostrado por los URIs (1) /admin?OP=redirect\u0026URL=% y (2) /admin?URL=/admin/\u0026OP=%."
}
],
"id": "CVE-2010-1748",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-17T16:30:01.920",
"references": [
{
"source": "product-security@apple.com",
"url": "http://cups.org/articles.php?L596"
},
{
"source": "product-security@apple.com",
"url": "http://cups.org/str.php?L3577"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"source": "product-security@apple.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40220"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "product-security@apple.com",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"source": "product-security@apple.com",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "product-security@apple.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "product-security@apple.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "product-security@apple.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/40871"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "product-security@apple.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cups.org/articles.php?L596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cups.org/str.php?L3577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/40871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-30 23:17
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch | Broken Link | |
| secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc | Broken Link | |
| secalert@redhat.com | http://bugs.gentoo.org/show_bug.cgi?id=187139 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | http://osvdb.org/40127 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/26188 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26251 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26254 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26255 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26257 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26278 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26281 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26283 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26292 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26293 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26297 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26307 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26318 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26325 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26342 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26343 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26358 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26365 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26370 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26395 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26403 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26405 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26407 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26410 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26413 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26425 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26432 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26436 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26467 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26468 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26470 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26514 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26607 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26627 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26862 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/26982 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27156 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27281 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27308 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/27637 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/30168 | Third Party Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200709-12.xml | Third Party Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200709-17.xml | Third Party Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200710-20.xml | Third Party Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200711-34.xml | Third Party Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200805-13.xml | Third Party Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | Third Party Advisory | |
| secalert@redhat.com | http://sourceforge.net/project/shownotes.php?release_id=535497 | Broken Link | |
| secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1347 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1348 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1349 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1350 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1352 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1354 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1355 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2007/dsa-1357 | Third Party Advisory | |
| secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml | Third Party Advisory | |
| secalert@redhat.com | http://www.kde.org/info/security/advisory-20070730-1.txt | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:159 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 | Third Party Advisory | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_15_sr.html | Broken Link | |
| secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_16_sr.html | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0720.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0729.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0730.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0731.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0732.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0735.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/476508/100/0/threaded | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/476519/30/5400/threaded | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/476765/30/5340/threaded | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/25124 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id?1018473 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-496-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/usn-496-2 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2704 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2705 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | https://issues.foresightlinux.org/browse/FL-471 | Broken Link | |
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-1596 | Broken Link | |
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-1604 | Broken Link | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=187139 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/40127 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26188 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26251 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26254 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26255 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26257 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26278 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26281 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26283 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26292 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26293 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26297 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26307 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26318 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26325 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26342 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26343 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26358 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26365 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26370 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26395 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26403 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26405 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26407 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26410 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26413 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26425 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26432 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26436 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26467 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26468 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26470 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26514 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26607 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26627 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26862 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26982 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27156 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27281 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27308 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27637 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30168 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200709-12.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200709-17.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200710-20.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200711-34.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200805-13.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?release_id=535497 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1347 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1348 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1349 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1350 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1352 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1354 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1355 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1357 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kde.org/info/security/advisory-20070730-1.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:159 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_15_sr.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_16_sr.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0720.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0729.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0730.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0731.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0732.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0735.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/476508/100/0/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/476519/30/5400/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/476765/30/5340/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/25124 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018473 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-496-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-496-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2704 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2705 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.foresightlinux.org/browse/FL-471 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1596 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1604 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| freedesktop | poppler | * | |
| gpdf_project | gpdf | * | |
| xpdfreader | xpdf | 3.02 | |
| debian | debian_linux | 3.1 | |
| debian | debian_linux | 4.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08916364-08F4-4416-B84E-2BDD2DC0A3EB",
"versionEndIncluding": "1.3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B64EB12-180D-4943-93C5-D99E05DE8422",
"versionEndExcluding": "0.5.91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gpdf_project:gpdf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4AA11D-1589-49C3-AF7F-89C25F5E017B",
"versionEndExcluding": "2.8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC22C3-4195-4207-AAA4-E72F22334517",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function."
},
{
"lang": "es",
"value": "Un desbordamiento de enteros en la funci\u00f3n StreamPredictor::StreamPredictor en xpdf versi\u00f3n 3.02, tal como es usado en (1) poppler anterior a versi\u00f3n 0.5.91, (2) gpdf anterior a versi\u00f3n 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, ( 6) PDFedit, y otros productos, podr\u00edan permitir que los atacantes remotos ejecuten c\u00f3digo arbitrario por medio de un archivo PDF creado que causa un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria, en la funci\u00f3n StreamPredictor::getNextLine."
}
],
"id": "CVE-2007-3387",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-07-30T23:17:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=187139"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/40127"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26188"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26251"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26254"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26257"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26278"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26281"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26283"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26292"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26293"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26297"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26307"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26318"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26325"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26342"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26343"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26358"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26365"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26370"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26395"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26403"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26405"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26407"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26410"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26413"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26425"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26432"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26467"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26468"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26470"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26514"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26607"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26627"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26862"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26982"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27156"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27281"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27308"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30168"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-12.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-20.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=535497"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1347"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1348"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1349"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1350"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1352"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1354"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1355"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1357"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20070730-1.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:158"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:159"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:160"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:161"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:162"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:163"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:164"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:165"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0720.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0729.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0730.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0731.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0732.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0735.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476508/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476519/30/5400/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476765/30/5340/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25124"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018473"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.423670"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-496-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-496-2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2704"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2705"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://issues.foresightlinux.org/browse/FL-471"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1596"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1604"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=187139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/40127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200709-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.761882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=535497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20070730-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0729.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0730.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0731.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0732.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0735.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476508/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476519/30/5400/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/476765/30/5340/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.423670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-496-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-496-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.foresightlinux.org/browse/FL-471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-19 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0067.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html | Third Party Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html | Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html | Third Party Advisory | |
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-1123.html | ||
| cve@mitre.org | http://www.debian.org/security/2015/dsa-3172 | Third Party Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:049 | Third Party Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/02/10/15 | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/02/12/12 | Third Party Advisory | |
| cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/72594 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1031776 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2520-1 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201607-06 | Third Party Advisory | |
| cve@mitre.org | https://www.cups.org/str.php?L4551 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0067.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1123.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3172 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:049 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/02/10/15 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/02/12/12 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72594 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1031776 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2520-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201607-06 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cups.org/str.php?L4551 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1277A27D-00F6-48AA-87E3-174ADAAA84D4",
"versionEndIncluding": "2.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n cupsRasterReadPixels en filter/raster.c en CUPS anterior a 2.0.2 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un fichero de raster comprimido malformado, lo que provoca un desbordamiento de buffer."
}
],
"id": "CVE-2014-9679",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-02-19T15:59:11.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72594"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031776"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cups.org/str.php?L4551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cups.org/str.php?L4551"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-22 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cups.org/articles.php?L596 | Patch, Vendor Advisory | |
| cve@mitre.org | http://cups.org/str.php?L3518 | ||
| cve@mitre.org | http://secunia.com/advisories/43521 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| cve@mitre.org | http://www.debian.org/security/2011/dsa-2176 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/articles.php?L596 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3518 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 | |
| apple | cups | 1.4.0 | |
| apple | cups | 1.4.1 | |
| apple | cups | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB4C70A-5B61-46A2-927F-94522D6BA71D",
"versionEndIncluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AD2D5B-DC7A-49A3-9238-9728F03AAFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD0B172-FB22-4270-B73D-4489EC2F4CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F12A5E71-D6E3-475E-817B-C8E6FC5B41B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses."
},
{
"lang": "es",
"value": "La funci\u00f3n cupsDoAuthentication en auth.c en el cliente en CUPS en versiones anteriores a la 1.4.4, cuando se omite HAVE_GSSAPI, no maneja de manera apropiada una petici\u00f3n de autorizaci\u00f3n, lo que permite a servidores CUPS remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante respuestas HTTP_UNAUTHORIZED."
}
],
"id": "CVE-2010-2432",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-22T20:30:01.790",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "cve@mitre.org",
"url": "http://cups.org/str.php?L3518"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43521"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cups.org/articles.php?L596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cups.org/str.php?L3518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0535"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-20 02:30
Modified
2025-04-09 00:30
Severity ?
Summary
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html | Mailing List | |
| secalert@redhat.com | http://secunia.com/advisories/37360 | Broken Link, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/37364 | Broken Link, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/38241 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/43521 | Broken Link | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1 | Broken Link | |
| secalert@redhat.com | http://support.apple.com/kb/HT4004 | Vendor Advisory | |
| secalert@redhat.com | http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.cups.org/str.php?L3200 | Broken Link, Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2011/dsa-2176 | Mailing List | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1595.html | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/bid/37048 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-906-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/0173 | Broken Link | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=530111 | Issue Tracking | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183 | Broken Link | |
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37360 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37364 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38241 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43521 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201207-10.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4004 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L3200 | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2176 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1595.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/37048 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-906-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0173 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0535 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=530111 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html | Mailing List |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.10 | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| apple | mac_os_x_server | * | |
| fedoraproject | fedora | 10 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| debian | debian_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80C038E4-C24D-45E9-8287-C205C0C07809",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B30A1267-231F-44CA-9484-8849C1808DEC",
"versionEndExcluding": "10.6.2",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F89C200-D340-4BB4-BC82-C26629184C5C",
"versionEndExcluding": "10.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F769B77-FF42-442C-8D1A-4E2AE1F5DF39",
"versionEndExcluding": "10.6.2",
"versionStartIncluding": "10.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
"matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso anterior a la liberaci\u00f3n en el descriptor de fichero abstracto de cuelgue de interface en la funci\u00f3n cupsdDoSelect en scheduler/select.c en el scheduler en cupsd en CUPS v1.3.7 y v1.3.10 permite a los atacantes remoto causar una denegaci\u00f3n de servicio (ca\u00edda o cuelque del demonio) a trav\u00e9s de una desconexi\u00f3n de cliente durante el listado de una elevado n\u00famero de trabajos de impresi\u00f3n, en relaci\u00f3n al mantenimiento inapropiado de un contador de referencia. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
}
],
"id": "CVE-2009-3553",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2009-11-20T02:30:00.610",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37360"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37364"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38241"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L3200"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1595.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/37048"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530111"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/38241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/43521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L3200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.debian.org/security/2011/dsa-2176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1595.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/37048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-906-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/0173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2011/0535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-09 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html | Mailing List | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | Mailing List | |
| cve@mitre.org | http://secunia.com/advisories/35322 | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35328 | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35340 | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35342 | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35685 | Broken Link | |
| cve@mitre.org | http://secunia.com/advisories/36701 | Broken Link | |
| cve@mitre.org | http://securitytracker.com/id?1022321 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://support.apple.com/kb/HT3865 | Third Party Advisory | |
| cve@mitre.org | http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability | Exploit, Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1811 | Broken Link, Third Party Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1082.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1083.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/504032/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/bid/35169 | Broken Link, Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-780-1 | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=500972 | Issue Tracking | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50926 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35322 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35328 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35340 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35342 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36701 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022321 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3865 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1811 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1082.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1083.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/504032/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/35169 | Broken Link, Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-780-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=500972 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50926 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| canonical | ubuntu_linux | 9.04 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 5.0 | |
| debian | debian_linux | 6.0 | |
| apple | mac_os_x | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| apple | mac_os_x_server | * | |
| opensuse | opensuse | 10.3 | |
| suse | linux_enterprise | 9.0 | |
| suse | linux_enterprise | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4D1818-1AE2-42FE-9856-5519EF7E0DAA",
"versionEndExcluding": "1.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5DEE66-117C-4844-8FD4-065D0820A808",
"versionEndExcluding": "10.4.11",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A880FA4-5DBF-4894-8DAC-C3CD147D1EB7",
"versionEndExcluding": "10.5.8",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9ACE85A-56A0-404C-AB58-A4F5CA73243C",
"versionEndExcluding": "10.4.11",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F74FAC0-CC05-4797-9DE2-F7CE5CB8FC19",
"versionEndExcluding": "10.5.8",
"versionStartIncluding": "10.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C3243C77-D635-480D-908C-328A479719E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AED08A6F-CD23-4405-B1CF-C96BB8AE7D6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags."
},
{
"lang": "es",
"value": "La funci\u00f3n ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versi\u00f3n 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda del demonio) mediante una solicitud de programaci\u00f3n (scheduler) con dos etiquetas IPP_TAG_UNSUPPORTED consecutivas."
}
],
"id": "CVE-2009-0949",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2009-06-09T17:30:00.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35322"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35328"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35342"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022321"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/35169"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-780-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/36701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT3865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/content/AppleCUPS-null-pointer-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/504032/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/35169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-780-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9631"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1022073 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495892 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495892 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data."
},
{
"lang": "es",
"value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de datos no v\u00e1lidos."
}
],
"id": "CVE-2009-1180",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.767",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-10 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | Vendor Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/32084 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32222 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32226 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32284 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32292 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32316 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32331 | ||
| cve@mitre.org | http://secunia.com/advisories/33085 | ||
| cve@mitre.org | http://secunia.com/advisories/33111 | ||
| cve@mitre.org | http://secunia.com/advisories/33568 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3216 | Vendor Advisory | |
| cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| cve@mitre.org | http://www.cups.org/articles.php?L575 | ||
| cve@mitre.org | http://www.cups.org/str.php?L2911 | Exploit | |
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1656 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/497221/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31681 | Patch | |
| cve@mitre.org | http://www.securityfocus.com/bid/31688 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021031 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2780 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2782 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3401 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1568 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-08-067 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/45779 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666 | ||
| cve@mitre.org | https://usn.ubuntu.com/656-1/ | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32084 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32222 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32226 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32284 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32292 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32316 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32331 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33085 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3216 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/articles.php?L575 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L2911 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1656 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/497221/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31681 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31688 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021031 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2780 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2782 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-08-067 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/45779 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/656-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE5DEEF-1945-4809-B081-6C410DF7C9E7",
"versionEndIncluding": "1.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory."
},
{
"lang": "es",
"value": "El filtro de lenguaje grafico de Hewlett-Packard (HPGL) en el CUPS en versiones anteriores a v1.3.9 permite a atacantes remotos ejecutar codigo a su elecci\u00f3n a traves de codigos manipulados de anchura y color de lapiz que permite la sobreescritura de memoria a su elecci\u00f3n."
}
],
"id": "CVE-2008-3641",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-10T10:30:03.077",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cups.org/str.php?L2911"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31688"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021031"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-067"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT3216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cups.org/str.php?L2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| cve@mitre.org | http://secunia.com/advisories/34291 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34481 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34755 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34756 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34852 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34959 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34963 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34991 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35037 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35064 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35065 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35618 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35685 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34568 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1022073 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=490625 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=490625 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory."
},
{
"lang": "es",
"value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una liberaci\u00f3n de memoria no inicializada."
}
],
"id": "CVE-2009-0166",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.610",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-04 00:44
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/29630 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/31388 | Third Party Advisory | |
| secalert@redhat.com | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245 | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2008-0206.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/495164/100/0/threaded | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/41758 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://issues.rpath.com/browse/RPL-2390 | Broken Link | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29630 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31388 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0206.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495164/100/0/threaded | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41758 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2390 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08916364-08F4-4416-B84E-2BDD2DC0A3EB",
"versionEndIncluding": "1.3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el filtro pdftops de CUPS en Red Hat Enterprise Linux 3 y 4, cuando corren en plataformas de 64-bits, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros PDF manipulados. \r\nNOTA: esta cuesti\u00f3n es debida a un parche incompleto para CVE-2004-0888."
}
],
"id": "CVE-2008-1374",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-04T00:44:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29630"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31388"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495164/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41758"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-2390"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/29630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495164/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-2390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-20 15:15
Modified
2024-11-21 01:45
Severity ?
Summary
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/01/04/5 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/57158 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2012-6094 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/82451 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2012-6094 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/01/04/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/57158 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2012-6094 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/82451 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2012-6094 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9914A5E1-ECB8-4627-B284-5DC6FE1FD8A9",
"versionEndExcluding": "1.5.4-1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cups (Common Unix Printing System) \u0027Listen localhost:631\u0027 option not honored correctly which could provide unauthorized access to the system"
},
{
"lang": "es",
"value": "La opci\u00f3n \"Listen localhost:631\" de cups (Common Unix Printing System) no acepto correctamente, que podr\u00eda proporcionar acceso no autorizado al sistema."
}
],
"id": "CVE-2012-6094",
"lastModified": "2024-11-21T01:45:48.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-20T15:15:11.420",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57158"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2012-6094"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82451"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2012-6094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6094"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-29 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| security@debian.org | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| security@debian.org | http://secunia.com/advisories/60509 | ||
| security@debian.org | http://secunia.com/advisories/60787 | ||
| security@debian.org | http://www.debian.org/security/2014/dsa-2990 | ||
| security@debian.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| security@debian.org | http://www.ubuntu.com/usn/USN-2341-1 | ||
| security@debian.org | https://cups.org/str.php?L4455 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60509 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60787 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2990 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2341-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cups.org/str.php?L4455 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6B5B62-D4D1-410D-AF80-0855B6D6A2D1",
"versionEndIncluding": "1.7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "055893FF-4833-4BDC-9C6B-B4BDD0F59942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F911CF9B-673B-4783-BE33-1D233F75BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD0A09C-DCE7-4873-AC60-68EC747BD1F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "54164748-5511-4B90-BD1B-75C0D89532A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C950144A-DAAB-4E2E-84A6-9C356CDC8EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9741201D-2223-4593-8463-A0FE313F26F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py."
},
{
"lang": "es",
"value": "CUPS anterior a 2.0 permite a usuarios locales leer ficheros arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc o (6) index.py."
}
],
"id": "CVE-2014-5030",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-29T14:55:07.827",
"references": [
{
"source": "security@debian.org",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | ||
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1022073 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495896 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495896 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos del b\u00fafer en el decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado."
}
],
"id": "CVE-2009-1182",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T17:30:01.813",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-11-05 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch | Broken Link | |
| secalert@redhat.com | http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf | Patch, Vendor Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1201.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/42141 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/42357 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/42397 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/42691 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43079 | Third Party Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2119 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2135 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 | Third Party Advisory | |
| secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/10/04/6 | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0749.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0750.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0751.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0752.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0753.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0754.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0755.html | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0859.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/43845 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1005-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2897 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3097 | Third Party Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0230 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=595245 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1201.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42141 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42357 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42397 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42691 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43079 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2119 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2135 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/10/04/6 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0749.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0750.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0751.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0752.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0753.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0754.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0755.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0859.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/43845 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1005-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2897 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3097 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0230 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=595245 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| freedesktop | poppler | * | |
| xpdfreader | xpdf | * | |
| xpdfreader | xpdf | 3.02 | |
| xpdfreader | xpdf | 3.02 | |
| xpdfreader | xpdf | 3.02 | |
| xpdfreader | xpdf | 3.02 | |
| xpdfreader | xpdf | 3.02 | |
| fedoraproject | fedora | 12 | |
| fedoraproject | fedora | 13 | |
| fedoraproject | fedora | 14 | |
| opensuse | opensuse | 11.1 | |
| opensuse | opensuse | 11.2 | |
| opensuse | opensuse | 11.3 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| debian | debian_linux | 5.0 | |
| debian | debian_linux | 6.0 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 5.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 10.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08916364-08F4-4416-B84E-2BDD2DC0A3EB",
"versionEndIncluding": "1.3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0432A227-B3A9-4672-B661-96C3F2F47764",
"versionEndIncluding": "0.15.1",
"versionStartIncluding": "0.8.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8444F877-A312-4E37-9754-60CC7DE24CA2",
"versionEndIncluding": "3.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:-:*:*:*:*:*:*",
"matchCriteriaId": "AA082A3C-AF4F-4436-BE42-C38D88A5154F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl1:*:*:*:*:*:*",
"matchCriteriaId": "0509A882-65AF-41CA-AE90-CD59B8779354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl2:*:*:*:*:*:*",
"matchCriteriaId": "7B92D9ED-E5B3-420E-BBDB-C84518807F1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl3:*:*:*:*:*:*",
"matchCriteriaId": "C892F205-4326-455E-8563-02971A93E3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl4:*:*:*:*:*:*",
"matchCriteriaId": "27F45309-0915-497C-BFAE-D9CA6A5D8C15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*",
"matchCriteriaId": "79A35457-EAA3-4BF9-A4DA-B2E414A75A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
"matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference."
},
{
"lang": "es",
"value": "La funci\u00f3n Gfx::getPos en el analizador PDF en Xpdf versi\u00f3n anterior a 3.02 PL5, Poppler versi\u00f3n 0.8.7 y posiblemente otras versiones hasta la 0.15.1, CUPS, kdegraphics, y posiblemente otros productos permite que los atacantes dependiendo del contexto generen una denegaci\u00f3n de servicio (bloqueo) por medio de vectores desconocidos que desencadenan una desreferencia de puntero no inicializada."
}
],
"id": "CVE-2010-3702",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-11-05T18:00:05.017",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42141"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42357"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42397"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42691"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43079"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/43845"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/43845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| cve@mitre.org | http://secunia.com/advisories/32084 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32226 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32284 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32292 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32316 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32331 | ||
| cve@mitre.org | http://secunia.com/advisories/33085 | ||
| cve@mitre.org | http://secunia.com/advisories/33111 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| cve@mitre.org | http://www.cups.org/articles.php?L575 | ||
| cve@mitre.org | http://www.cups.org/str.php?L2918 | Vendor Advisory | |
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1656 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31690 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021033 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2782 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3401 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1568 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/45789 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464 | ||
| cve@mitre.org | https://usn.ubuntu.com/656-1/ | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32084 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32226 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32284 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32292 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32316 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32331 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33085 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/articles.php?L575 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L2918 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1656 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31690 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021033 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2782 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/45789 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/656-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE5DEEF-1945-4809-B081-6C410DF7C9E7",
"versionEndIncluding": "1.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n read_rle16 de imagetops en CUPS anterior a la versi\u00f3n 1.3.9 permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n por medio de una imagen SGI con datos Run Length Encoded (RLE) malformados que contienen una peque\u00f1a imagen y un n\u00famero de filas alto."
}
],
"id": "CVE-2008-3639",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.580",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L2918"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31690"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021033"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L2918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-09 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/35340 | Vendor Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1022327 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1083.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/35194 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1488 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=497135 | Patch | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/50944 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35340 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022327 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1083.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/35194 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1488 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=497135 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50944 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a \"pointer use-after-delete flaw.\""
},
{
"lang": "es",
"value": "La funcionalidad directory-services en el planificador (scheduler) en CUPS v1.1.17 y v1.1.22 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada o ca\u00edda del demonio cupsd) mediante la manipulaci\u00f3n de la cadencia de los paquetes de navegaci\u00f3n CUPS, en relaci\u00f3n con el problema de punteros \"uso despu\u00e9s de borrado\" (\"pointer use-after-delete flaw\")."
}
],
"id": "CVE-2009-1196",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-09T17:30:10.640",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1022327"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/35194"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=497135"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50944"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=497135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| cve@mitre.org | http://secunia.com/advisories/32084 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32226 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32284 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32292 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32316 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32331 | ||
| cve@mitre.org | http://secunia.com/advisories/33085 | ||
| cve@mitre.org | http://secunia.com/advisories/33111 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| cve@mitre.org | http://www.cups.org/articles.php?L575 | ||
| cve@mitre.org | http://www.cups.org/str.php?L2919 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1656 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31690 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1021034 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2782 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3401 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1568 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/45790 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266 | ||
| cve@mitre.org | https://usn.ubuntu.com/656-1/ | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32084 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32226 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32284 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32292 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32316 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32331 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33085 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/articles.php?L575 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L2919 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1656 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0937.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31690 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021034 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2782 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3401 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/45790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/656-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE5DEEF-1945-4809-B081-6C410DF7C9E7",
"versionEndIncluding": "1.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n WriteProlog de texttops en CUPS antes de 1.3.9 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo PostScript manipulado que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo."
}
],
"id": "CVE-2008-3640",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.627",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/str.php?L2919"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021034"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45790"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/articles.php?L575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/str.php?L2919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0937.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/656-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | ||
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | ||
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1022073 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495887 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495887 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple \"input validation flaws\" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file."
},
{
"lang": "es",
"value": "M\u00faltiples \"Input validation flaws\" en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado"
}
],
"id": "CVE-2009-0800",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T17:30:01.717",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-01 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html | ||
| cve@mitre.org | http://secunia.com/advisories/32962 | ||
| cve@mitre.org | http://secunia.com/advisories/33101 | ||
| cve@mitre.org | http://secunia.com/advisories/33111 | ||
| cve@mitre.org | http://secunia.com/advisories/33568 | ||
| cve@mitre.org | http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt | ||
| cve@mitre.org | http://www.cups.org/str.php?L2974 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1677 | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml | ||
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:029 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/12/01/1 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-1028.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/32518 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1021298 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3315 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/46933 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32962 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L2974 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1677 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:029 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/12/01/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-1028.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/32518 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3315 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/46933 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "AFB34629-DB13-4164-8A18-BD818E50528B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*",
"matchCriteriaId": "2D432471-B5FD-4B1D-82DF-6F3152752071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "960DE41E-63DB-45EB-9B19-6349BDA05086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A57D2299-3409-4907-9FC0-5C3C715CDB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C7EB92FA-3669-4530-BE69-84CF01D98FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "690C4DEC-1467-4D7D-8E73-6EE1758439D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB5CA96B-411E-47BE-81A1-1C2E240A25F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AA5A29C9-1913-4B8F-B162-66E71BEABD1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow."
},
{
"lang": "es",
"value": "Un desbordamiento de entero en la funci\u00f3n _cupsImageReadPNG en CUPS 1.1.17 hasta 1.3.9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una imagen PNG con un gran valor de altura, lo cual impide una correcta comprobaci\u00f3n de validaci\u00f3n y ocasiona un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2008-5286",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-01T15:30:03.640",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32962"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33101"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "cve@mitre.org",
"url": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L2974"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1677"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/12/01/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1028.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32518"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021298"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3315"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46933"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cups.org/str.php?L2974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/12/01/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-1028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10058"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=263028 | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| cve@mitre.org | http://secunia.com/advisories/34291 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34481 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34755 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34756 | ||
| cve@mitre.org | http://secunia.com/advisories/34852 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34959 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34963 | ||
| cve@mitre.org | http://secunia.com/advisories/34991 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35037 | ||
| cve@mitre.org | http://secunia.com/advisories/35064 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35065 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35074 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35618 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/35685 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| cve@mitre.org | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3549 | ||
| cve@mitre.org | http://support.apple.com/kb/HT3639 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0059 | ||
| cve@mitre.org | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1790 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1793 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/502761/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34568 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022073 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=490612 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=263028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200904-20.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3639 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0059 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/Advisories:rPSA-2009-0061 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502750/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502761/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=490612 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos del b\u00fafer en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, y otros productos permiten a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado, relacionado a (1) JBIG2SymbolDict::setBitmap y (2) JBIG2Stream::readSymbolDictSeg."
}
],
"id": "CVE-2009-0146",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.547",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34756"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34963"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35037"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35074"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=263028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502750/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-08 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.debian.org/debian-devel/2008/08/msg00347.html | ||
| cve@mitre.org | http://uvw.ru/report.sid.txt | Exploit | |
| cve@mitre.org | https://www.exploit-db.com/exploits/7550 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-devel/2008/08/msg00347.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://uvw.ru/report.sid.txt | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/7550 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333."
},
{
"lang": "es",
"value": "pstopdf de CUPS v1.3.8 , permite a usuarios locales sobrescribir ficheros de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico en el fichero temporal /tmp/pstopdf.log. Se trata de una vulnerabilidad diferente de CVE-2001-1333."
}
],
"id": "CVE-2008-5377",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-08T23:30:00.470",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.debian.org/debian-devel/2008/08/msg00347.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://uvw.ru/report.sid.txt"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/7550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.debian.org/debian-devel/2008/08/msg00347.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://uvw.ru/report.sid.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/7550"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3, 4, or 5.\n\nAffected script is not part of the upstream CUPS distribution, but rather an addition used by Debian-based distributions (and possibly others).\n\nCUPS packages as shipped in Red Hat Enterprise Linux 5 also provide pstopdf filter. However, that filter is different from the one used in Debian-based distributions, and is unaffected by this flaw.\n\nAdditionally, all filters used by CUPS on all versions of Red Hat Enterprise Linux are run under an unprivileged \u0026quot;lp\u0026quot; user, making the root privilege escalation mentioned in the published exploit impossible.",
"lastModified": "2009-01-21T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-19 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://cups.org/str.php?L3867 | Patch, Third Party Advisory | |
| secalert@redhat.com | http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc | Patch, Vendor Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1180.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1181.html | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/45621 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/45900 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/45945 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/45948 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/46024 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/48236 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/48308 | Broken Link | |
| secalert@redhat.com | http://secunia.com/advisories/50737 | Broken Link | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201209-23.xml | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2011/dsa-2354 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2426 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | Broken Link | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 | Broken Link | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/08/10/10 | Mailing List, Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1635.html | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/bid/49148 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id?1025929 | Broken Link, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1207-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1214-1 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=727800 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=730338 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cups.org/str.php?L3867 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1180.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1181.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45621 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45900 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45945 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45948 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46024 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48236 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48308 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50737 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-23.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2354 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2426 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/08/10/10 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1635.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49148 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1025929 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1207-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1214-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=727800 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=730338 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| swi-prolog | swi-prolog | * | |
| apple | cups | * | |
| gimp | gimp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:swi-prolog:swi-prolog:*:*:*:*:*:*:*:*",
"matchCriteriaId": "306F1543-3DA7-4374-9705-0702A78E9A87",
"versionEndIncluding": "5.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580C1D10-6677-4636-9626-7B4FA3CFEA5C",
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F771B1-B26F-4429-AC0F-ED8C2740B1F9",
"versionEndIncluding": "2.6.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895."
},
{
"lang": "es",
"value": "El descompresor LZW en (1) la funci\u00f3n LWZReadByte en giftoppm.c en el David Koblas GIF decoder en PBMPLUS, tal y como se utiliza en la funci\u00f3n gif_read_lzw en filter/image-gif.c en CUPS antes de la versi\u00f3n v1.4.7, (2) la funci\u00f3n LZWReadByte en plug-ins/common/file-gif-load.c en GIMP v2.6.11 y anteriores, (3) la funci\u00f3n LZWReadByte en img/gifread.c en XPCE en SWI-Prolog v5.10.4 y anteriores, y (4) otros productos, no controla correctamente las palabras de c\u00f3digo que est\u00e1n ausentes de la tabla de descompresi\u00f3n, lo que permite provocar a atacantes remotos un bucle infinito o un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap), y posiblemente, ejecutar c\u00f3digo de su elecci\u00f3n, a trav\u00e9s de un flujo o fichero comprimido debidamente modificado. Se trata de un problema relacionado con los CVE-2006-1168 y CVE-2011 2895.\r\n"
}
],
"id": "CVE-2011-2896",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-19T17:55:03.317",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://cups.org/str.php?L3867"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1180.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1181.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45621"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45900"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45945"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45948"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/46024"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/48236"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/50737"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1635.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/49148"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1025929"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1214-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://cups.org/str.php?L3867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/45948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/46024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/48236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/50737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/10/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1635.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/49148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1025929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1207-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1214-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730338"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-20 19:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3640.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/33995 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm | Third Party Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0308.html | Patch, Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=486052 | Issue Tracking | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/48977 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33995 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0308.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=486052 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/48977 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.1.17 | |
| redhat | enterprise_linux | 3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:*",
"matchCriteriaId": "444EBE64-D3C8-41E9-8E02-22C6BDA2876B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the WriteProlog function in texttops in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2008-3640."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funcion WriteProlog en texttops en CUPS v1.1.17 en Red Hat Enterprise Linux (RHEL) v3 lo que permite atacantes remotos ejecutar codigo a su eleccion a traves de un fichero PostScript manipulado que dispara un desbordamiento de bufer basado en monticulo. NOTA: Esto existe debido a un arreglo incompleto de CVE-2008-3640."
}
],
"id": "CVE-2009-0577",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-20T19:30:00.233",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/33995"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0308.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486052"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48977"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/33995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0308.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=486052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-02 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2008//May/msg00001.html | ||
| cve@mitre.org | http://secunia.com/advisories/30430 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1020145 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/29412 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/29484 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-150A.html | US Government Resource | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/1697 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/42713 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2008//May/msg00001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30430 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020145 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29412 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29484 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-150A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1697 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/42713 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| apple | mac_os_x_server | 10.5 | |
| apple | mac_os_x_server | 10.5.1 | |
| apple | mac_os_x_server | 10.5.2 | |
| apple | cups | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8648C-5469-4280-A581-D4A9A41B7213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77E8D614-E1EE-42F1-9E55-EA54FB500621",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C73BED9E-29FB-4965-B38F-013FFE5A9170",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "772C32A8-A958-47B3-855D-116B0A7E9E5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to \"authentication environment variables.\""
},
{
"lang": "es",
"value": "El planificador en CUPS en Apple Mac OS X versiones 10.5 anteriores a 10.5.3, cuando el registro de depuraci\u00f3n est\u00e1 habilitado y una impresora requiere una contrase\u00f1a, permite a los atacantes obtener informaci\u00f3n confidencial (credenciales) mediante la lectura los datos de registro, relacionados con \"authentication environment variables.\""
}
],
"id": "CVE-2008-1033",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-02T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30430"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020145"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29484"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42713"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of cups as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
"lastModified": "2008-06-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35379 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://support.apple.com/kb/HT3613 | ||
| secalert@redhat.com | http://support.apple.com/kb/HT3639 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | ||
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1022073 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1522 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495889 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35379 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3613 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3639 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022073 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1522 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1621 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495889 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en el decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado."
}
],
"id": "CVE-2009-1179",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T17:30:01.750",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35379"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3613"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1022072 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495894 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022072 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495894 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference."
},
{
"lang": "es",
"value": "El decodificador JBIG2 en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) por medio de un archivo PDF creado que desencadena una desreferencia de puntero NULL."
}
],
"id": "CVE-2009-1181",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T17:30:01.780",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-29 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| security@debian.org | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| security@debian.org | http://secunia.com/advisories/60509 | ||
| security@debian.org | http://secunia.com/advisories/60787 | ||
| security@debian.org | http://www.debian.org/security/2014/dsa-2990 | ||
| security@debian.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| security@debian.org | http://www.ubuntu.com/usn/USN-2341-1 | ||
| security@debian.org | https://cups.org/str.php?L4455 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60509 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60787 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2990 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2341-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cups.org/str.php?L4455 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.7.4 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7E522C-3BB8-4F43-AFD5-5AFBAED8D4C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537."
},
{
"lang": "es",
"value": "La interfaz web en CUPS 1.7.4 permite a usuarios locales en el grupo lp leer ficheros arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un fichero en /var/cache/cups/rss/ y language[0] configurado a nulo. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-3537."
}
],
"id": "CVE-2014-5029",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-29T14:55:07.780",
"references": [
{
"source": "security@debian.org",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-27 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=199195 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/27577 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/27615 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/28113 | Third Party Advisory | |
| cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm | Third Party Advisory | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml | Third Party Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 | Third Party Advisory | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2007_14_sr.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Third Party Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2007-1023.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/26524 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=250161 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303 | Third Party Advisory | |
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=199195 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27577 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27615 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28113 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_14_sr.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1022.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-1023.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26524 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=250161 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| fedoraproject | fedora | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F21F3180-4C7A-49C1-B954-75B39D6E1E28",
"versionEndExcluding": "1.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*",
"matchCriteriaId": "E3EFD171-01F7-450B-B6F3-0F7E443A2337",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation."
},
{
"lang": "es",
"value": "El servicio CUPS, tal y como es usado en SUSE Linux versiones anteriores a 20070720 y otras distribuciones de Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio por medio de vectores no especificados relacionados con una correcci\u00f3n incompleta para CVE-2007-0720 que introdujo un problema diferente de denegaci\u00f3n de servicio en la negociaci\u00f3n SSL."
}
],
"id": "CVE-2007-4045",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-27T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199195"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27577"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27615"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/28113"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/26524"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250161"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=199195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/28113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/26524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The Red Hat Security Response Team has rated this issue as having low security impact. Updates to correct this are available:\nhttps://rhn.redhat.com/cve/CVE-2007-4045.html\n\n",
"lastModified": "2007-11-09T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-26 01:55
Modified
2025-04-11 00:51
Severity ?
Summary
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://advisories.mageia.org/MGASA-2014-0021.html | ||
| cve@mitre.org | http://secunia.com/advisories/56531 | Vendor Advisory | |
| cve@mitre.org | http://www.cups.org/blog.php?L704 | ||
| cve@mitre.org | http://www.cups.org/str.php?L4319 | Exploit, Patch | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2014:015 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2082-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/56531 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/blog.php?L704 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cups.org/str.php?L4319 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:015 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2082-1 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| apple | cups | 1.7 | |
| apple | cups | 1.7.1 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96BCA869-A0D7-43CD-AEE1-2946FFFFFD25",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "055893FF-4833-4BDC-9C6B-B4BDD0F59942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "54164748-5511-4B90-BD1B-75C0D89532A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf."
},
{
"lang": "es",
"value": "lppasswd en CUPS anteriores a 1.7.1, cuando se ejecuta con privilegios setuid, permite a usuarios locales leer porciones de archivos arbitrarios a trav\u00e9s de una variable de entorno HOME modificada y un ataque symlink que involucra .cups/client.conf"
}
],
"id": "CVE-2013-6891",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-01-26T01:55:09.563",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56531"
},
{
"source": "cve@mitre.org",
"url": "http://www.cups.org/blog.php?L704"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.cups.org/str.php?L4319"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:015"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2082-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cups.org/blog.php?L704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.cups.org/str.php?L4319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2082-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-27 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://securitytracker.com/id?1021637 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:027 | Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:029 | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/33418 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/48210 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1021637 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:027 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:029 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/33418 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/48210 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| mandriva | corporate_server | 3.0 | |
| mandriva | corporate_server | 3.0 | |
| mandriva | corporate_server | 4.0 | |
| mandriva | corporate_server | 4.0 | |
| mandriva | linux | 2008.0 | |
| mandriva | linux | 2008.0 | |
| mandriva | linux | 2008.1 | |
| mandriva | linux | 2008.1 | |
| mandriva | linux | 2009.0 | |
| mandriva | multi_network_firewall | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "772C32A8-A958-47B3-855D-116B0A7E9E5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandriva:corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "694A745A-7CE4-460E-9637-5689ED6CCC95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "7D0156D0-33E6-48DE-80B9-75CBA1EB4D61",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35578C7D-7F96-420A-B60E-2940F7E43E28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "18FE4BDE-1B2F-4DC5-AC33-A4A938762C04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*",
"matchCriteriaId": "107F6BEE-C3CB-460A-B574-16D031D823AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B9B78F34-9775-4851-A489-30CEBE3BEE34",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E024B17-9AEE-40AD-9EDC-3BC0FBB53BE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2008.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "FEC2E723-BC31-4E05-BF8E-FE460C32DD93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F90D927-CBCD-4432-9C04-A5F040D8F337",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandriva:multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3891CA-CBFC-45FD-967E-03B3AF3CF1DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file."
},
{
"lang": "es",
"value": "CUPS sobre Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) v3.0 y v4.0, y Multi Network Firewall (MNF) v2.0, permite a usuarios locales sobrescribir archivos de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el archivo temporal /tmp/pdf.log."
}
],
"id": "CVE-2009-0032",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-27T20:30:00.377",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1021637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/33418"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. Red Hat does not ship the vulnerable backend that causes this flaw.",
"lastModified": "2009-01-27T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-29 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| security@debian.org | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| security@debian.org | http://secunia.com/advisories/60509 | ||
| security@debian.org | http://secunia.com/advisories/60787 | ||
| security@debian.org | http://www.debian.org/security/2014/dsa-2990 | ||
| security@debian.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| security@debian.org | http://www.ubuntu.com/usn/USN-2341-1 | ||
| security@debian.org | https://cups.org/str.php?L4455 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2014-0313.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1388.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60509 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60787 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2990 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/13 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/22/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2341-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cups.org/str.php?L4455 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6B5B62-D4D1-410D-AF80-0855B6D6A2D1",
"versionEndIncluding": "1.7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "055893FF-4833-4BDC-9C6B-B4BDD0F59942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F911CF9B-673B-4783-BE33-1D233F75BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD0A09C-DCE7-4873-AC60-68EC747BD1F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "54164748-5511-4B90-BD1B-75C0D89532A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C950144A-DAAB-4E2E-84A6-9C356CDC8EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9741201D-2223-4593-8463-A0FE313F26F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "La interfaz web en CUPS anterior a 2.0 no comprueba que los ficheros tienen permisos de lectura universal, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-5031",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-29T14:55:07.877",
"references": [
{
"source": "security@debian.org",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0313.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/22/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2341-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cups.org/str.php?L4455"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| secalert@redhat.com | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/34291 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34481 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34746 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34755 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34756 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34852 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34959 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34963 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/34991 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35037 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35064 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35065 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35618 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/35685 | Vendor Advisory | |
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| secalert@redhat.com | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| secalert@redhat.com | http://www.securityfocus.com/bid/34568 | Patch | |
| secalert@redhat.com | http://www.securitytracker.com/id?1022072 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=495899 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769 | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://poppler.freedesktop.org/releases.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34746 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34755 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34852 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34991 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35037 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35618 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35685 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1790 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1793 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/196617 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0429.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0430.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34568 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022072 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1065 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1066 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1076 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1077 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=495899 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| poppler | poppler | * | |
| poppler | poppler | 0.1 | |
| poppler | poppler | 0.1.1 | |
| poppler | poppler | 0.1.2 | |
| poppler | poppler | 0.2.0 | |
| poppler | poppler | 0.3.0 | |
| poppler | poppler | 0.3.1 | |
| poppler | poppler | 0.3.2 | |
| poppler | poppler | 0.3.3 | |
| poppler | poppler | 0.4.0 | |
| poppler | poppler | 0.4.1 | |
| poppler | poppler | 0.4.2 | |
| poppler | poppler | 0.4.3 | |
| poppler | poppler | 0.4.4 | |
| poppler | poppler | 0.5.0 | |
| poppler | poppler | 0.5.1 | |
| poppler | poppler | 0.5.2 | |
| poppler | poppler | 0.5.3 | |
| poppler | poppler | 0.5.4 | |
| poppler | poppler | 0.5.9 | |
| poppler | poppler | 0.5.90 | |
| poppler | poppler | 0.5.91 | |
| poppler | poppler | 0.6.0 | |
| poppler | poppler | 0.6.1 | |
| poppler | poppler | 0.6.2 | |
| poppler | poppler | 0.6.3 | |
| poppler | poppler | 0.6.4 | |
| poppler | poppler | 0.7.0 | |
| poppler | poppler | 0.7.1 | |
| poppler | poppler | 0.7.2 | |
| poppler | poppler | 0.7.3 | |
| poppler | poppler | 0.8.0 | |
| poppler | poppler | 0.8.1 | |
| poppler | poppler | 0.8.2 | |
| poppler | poppler | 0.8.3 | |
| poppler | poppler | 0.8.4 | |
| poppler | poppler | 0.8.5 | |
| poppler | poppler | 0.8.6 | |
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| apple | cups | * | |
| apple | cups | 1.1 | |
| apple | cups | 1.1.1 | |
| apple | cups | 1.1.2 | |
| apple | cups | 1.1.3 | |
| apple | cups | 1.1.4 | |
| apple | cups | 1.1.5 | |
| apple | cups | 1.1.5-1 | |
| apple | cups | 1.1.5-2 | |
| apple | cups | 1.1.6 | |
| apple | cups | 1.1.6-1 | |
| apple | cups | 1.1.6-2 | |
| apple | cups | 1.1.6-3 | |
| apple | cups | 1.1.7 | |
| apple | cups | 1.1.8 | |
| apple | cups | 1.1.9 | |
| apple | cups | 1.1.9-1 | |
| apple | cups | 1.1.10 | |
| apple | cups | 1.1.10-1 | |
| apple | cups | 1.1.11 | |
| apple | cups | 1.1.12 | |
| apple | cups | 1.1.13 | |
| apple | cups | 1.1.14 | |
| apple | cups | 1.1.15 | |
| apple | cups | 1.1.16 | |
| apple | cups | 1.1.17 | |
| apple | cups | 1.1.18 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.19 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.20 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.21 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.22 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.1.23 | |
| apple | cups | 1.2.0 | |
| apple | cups | 1.2.1 | |
| apple | cups | 1.2.2 | |
| apple | cups | 1.2.3 | |
| apple | cups | 1.2.4 | |
| apple | cups | 1.2.5 | |
| apple | cups | 1.2.6 | |
| apple | cups | 1.2.7 | |
| apple | cups | 1.2.8 | |
| apple | cups | 1.2.9 | |
| apple | cups | 1.2.10 | |
| apple | cups | 1.2.11 | |
| apple | cups | 1.2.12 | |
| apple | cups | 1.3.0 | |
| apple | cups | 1.3.1 | |
| apple | cups | 1.3.2 | |
| apple | cups | 1.3.3 | |
| apple | cups | 1.3.4 | |
| apple | cups | 1.3.5 | |
| apple | cups | 1.3.6 | |
| apple | cups | 1.3.7 | |
| apple | cups | 1.3.8 | |
| apple | cups | 1.3.10 | |
| apple | cups | 1.3.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0299F4A-A027-430C-9A53-AFEF9022960C",
"versionEndIncluding": "0.10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EBF88-10DE-4EA6-9F0E-F33C88541F65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54F75CFD-3523-4017-992C-4FA6406D49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB116A19-6436-40BE-B5C6-32C22D888B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4C1429-593B-47B6-AC84-832F2296FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18240BA6-3390-4925-AC25-DA4C42397CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3090A142-2240-4A8D-A122-C037931A277C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD63240-4599-4212-8AF2-7C4089CA9D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7EE965-EE3F-4B17-AF38-FA3AA0B11164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE488E5-B3D9-4723-ABBA-A8753EC2DA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1259C59E-517F-40BE-8BA6-01AB76257C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "576152B4-9ACD-4C4E-B423-4A5EF44332D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "322F9E62-6A74-4805-8F6B-9C61739B2D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C453F-6A87-49FB-83F6-22316F28161F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75F532F0-6653-4275-A85A-BD9A9A611E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC7300E-0CBE-47FD-A241-B4B4F0164EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255102DA-A2C0-4795-9539-B4CBD587554A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "349B06F1-772A-4A12-A7B9-EA220ED96D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B779800A-FF4B-47DD-B56F-77D10D6A335C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*",
"matchCriteriaId": "F0213390-08FA-4E04-835B-8BE0FC61B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0B304657-740A-4F8D-99CD-22E283FEE6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178680C2-DB1B-4250-9B6E-6ADABA60DE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA9036F-92DA-45C2-9FBC-DE03444D34F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6855B98-DAA2-4850-A765-2F4D6D93A424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4743EC55-B61D-4C1A-9ED7-060268F2DB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD4454E-3D2B-4582-B5E5-0317A6417654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96402B67-A7A8-44E3-914E-A10A69FAD735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66C608C8-F382-4D6B-A638-98763C1CBB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F0F4E0-91B7-4B1F-BFA9-829101A7F90A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22287102-80B1-4E1F-85E4-488B020A51E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3030D6-DE07-418B-AB40-87C85FCA3C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3583D56-F653-457A-B1F8-25842A15CB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA5DBB-5A80-439E-A135-77CB40772916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A5C43B-3978-4D0A-8166-A99622106781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A940AF2-A7CA-408F-86E2-797C7BA8A6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2CD8A0-2DBA-4AC9-A97D-D4DAEB6C7A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56CB7C-E7B3-4F0B-8BEB-F133FAF0D6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E90153-8D18-4A50-9581-895C851F6489",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D89E03-94D0-4F7F-9A54-3021E3E5A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298D6BE7-7683-4225-8DD6-4C0FC5EB48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "230B77E7-B1AE-4470-859D-7B5F99749D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FECBBD-B1A2-4F42-8A68-32AB8331BDC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6070FC-4566-4314-940E-0AAE34B56E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC691F07-8B38-4867-AB18-51F380CAEA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E943EFBF-39A7-408F-8AC5-677E83DFDBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA7725A-4398-4C76-BEBF-10E56C7F34F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7415295-0FBF-4946-8D99-8CB2EC391319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C702EE3-4B7C-42EA-92AA-8717807CF67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*",
"matchCriteriaId": "73F74581-D71C-4FEC-BA8C-85EF4C1991BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABCFB52-33D3-428C-B1D5-DCE504170A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "45F03F2B-6AC3-4872-9032-293C2E9B837C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7E02B6FB-C36D-45F3-95F3-566CA03B29A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "96093309-A87D-48D0-84DA-446255ABF231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF67F149-614B-4507-A15F-E557A1B73423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A14432-D8A1-4D19-9408-B9B4F2FC6B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*",
"matchCriteriaId": "49862F77-B8DE-4AA7-AE17-B348B05AC00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7719F-03E0-4E66-A50A-F8E857A9B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F3139FDA-9476-4414-B349-7119E63FD268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "523FE78C-441F-4ACD-B9F2-3E5293E277AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F887B5B1-7528-4086-AE6C-134F54A93342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6D24ED-0D73-4CF2-B746-6EF29F2EF56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C5C552-6276-4791-80CD-6B3EB425EF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8335D4E3-563D-4288-B708-A9635BCA595F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5279D055-248A-4BD1-9FBB-0024BA16DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "BF791C1D-9AF8-4F0F-8F4B-844BC9A55DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16519855-FCB9-44A8-9C7E-116192327BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B1D9330B-C51A-4C7D-A322-85103C64D86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "2DA0C19F-95EB-429C-AF06-A2C1D5643662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "225CCE80-FF4B-4B39-B8BD-EB4710047524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "07925DD8-50C0-4908-95D1-7342A4617BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "48A519DB-6C6D-4094-814D-33BD5EF389BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B6ED7566-5092-4B08-97A9-B2B53117A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98DCAC0C-896F-4353-A665-5BCD0D8AEBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E72614CD-8F70-4E07-AD83-8FDE8026CEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*",
"matchCriteriaId": "48E62419-C165-4B42-8C23-E24821BD4BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*",
"matchCriteriaId": "217D804B-CA56-49CE-B9EB-2A297EB1763C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*",
"matchCriteriaId": "A41E8583-C837-4871-B4D2-FD41C78D538E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "D480C37B-0DA8-4096-80B0-5198FE589A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F5A83B-3C1A-49F3-A9D6-F7B9B897E447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "241D4183-879D-4974-BACB-A6987EDA2E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "96592A93-4967-4B91-BCF7-558DC472E7BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8758715D-B973-4960-8B7D-6F9A11E73288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0370E9EB-B830-4362-B83C-912579695691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EC6EE-720D-4F27-A2E1-88AE53FC41A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D644926A-C2A5-45FE-85A3-2782CE87ED86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0696E675-0A13-45FC-8917-845E6FF7A311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAC98C-1FE6-42A3-8B62-E3C321914F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC3EF2F-0140-4185-9FB3-2B595B61CDC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36785A-F735-45C0-986B-9624AD65F0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1D3916-607F-44E8-9D47-93C6C0789083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "174613C3-A04B-4701-849B-BAA598BF4F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "81C1137C-BE3D-45F9-83C9-D212107F0E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBC1F81-E93A-42A7-8BC8-4B903688F2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA876FF-C58A-45CF-A8E8-E2068DF79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD78771-BD9A-4AC2-B664-B189DD288FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "50A16424-732F-4B76-A753-1642A97BC1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E189C976-2DD2-485C-828E-7FC3DC6A8F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A86CA90F-A944-4F3E-B75F-8147125335D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAFABDC-E40F-4C53-AC66-94EFD077665D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A2F7B3-F4A7-416E-A07F-D4C5F0768B6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C1B80-9E20-4832-8308-BF7911569EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2D7DB3-F467-4BC0-83BB-4706D067A2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD33C2C-7D39-4CCE-AC99-BC7B1B205A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46C394DC-65A7-4713-B823-6F5D329A0C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E9F74F-3C7D-486A-8BA1-EE2A73160B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69BD64BB-BDA7-4F82-8324-B7C7C941133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAEE03E-0B8A-4D10-BD4D-2DA25B7BBE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D8814509-8B08-46C6-AE50-19B7D30DCF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0718FB6B-D787-409A-B535-0318F2C63A81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file."
},
{
"lang": "es",
"value": "El decodificador JBIG2 MMR en Xpdf versi\u00f3n 3.02 PL2 y anteriores, CUPS versi\u00f3n 1.3.9 y anteriores, Poppler versi\u00f3n anterior a 0.10.6, y otros productos permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y colgar) por medio de un archivo PDF creado."
}
],
"id": "CVE-2009-1183",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-23T17:30:01.827",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://poppler.freedesktop.org/releases.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.578477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/196617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0430.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-26 17:29
Modified
2024-11-21 03:19
Severity ?
Summary
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/apple/cups/issues/5143 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/apple/cups/releases/tag/v2.2.6 | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html | ||
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html | ||
| cve@mitre.org | https://security.cucumberlinux.com/security/details.php?id=346 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3713-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apple/cups/issues/5143 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apple/cups/releases/tag/v2.2.6 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.cucumberlinux.com/security/details.php?id=346 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3713-1/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A17CA65-4B96-400E-B3EE-EA8D32F0AB63",
"versionEndExcluding": "2.2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification."
},
{
"lang": "es",
"value": "La funci\u00f3n add_job en scheduler/ipp.c en CUPS, en versiones anteriores a la 2.2.6, cuando un soporte D-Bus est\u00e1 habilitado, podr\u00eda experimentar un cierre inesperado llevado a cabo por atacantes remotos mediante el env\u00edo de tareas de impresi\u00f3n con un nombre de usuario no v\u00e1lido. Esto est\u00e1 relacionado con una notificaci\u00f3n D-Bus."
}
],
"id": "CVE-2017-18248",
"lastModified": "2024-11-21T03:19:40.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-26T17:29:00.207",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/issues/5143"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.6"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://security.cucumberlinux.com/security/details.php?id=346"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3713-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/commit/49fa4983f25b64ec29d548ffa3b9782426007df3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/issues/5143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/releases/tag/v2.2.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://security.cucumberlinux.com/security/details.php?id=346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3713-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-16 17:29
Modified
2024-11-21 03:19
Severity ?
Summary
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.chromium.org/p/project-zero/issues/detail?id=1048 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3577-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/project-zero/issues/detail?id=1048 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3577-1/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
"matchCriteriaId": "295435A4-C8D6-4FB5-9C28-D63A1B88DCFA",
"versionEndExcluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1)."
},
{
"lang": "es",
"value": "Una entrada en la lista blanca localhost.localdomain en valid_host() en scheduler/client.c en CUPS, en versiones anteriores a la 2.2.2, permite que atacantes remotos ejecuten comandos IPP arbitrarios mediante el env\u00edo de peticiones POST al demonio CUPS junto con reenlaces DNS. El nombre localhost.localdomain suele resolverse mediante un servidor DNS (ni el sistema operativo ni el navegador web son responsables de garantizar que localhost.localdomain sea 127.0.0.1)."
}
],
"id": "CVE-2017-18190",
"lastModified": "2024-11-21T03:19:31.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-16T17:29:00.217",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3577-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3577-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-290"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| PSIRT-CNA@flexerasoftware.com | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/34291 | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/34481 | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/34756 | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/34963 | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/advisories/35064 | ||
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/secunia_research/2009-17/ | Vendor Advisory | |
| PSIRT-CNA@flexerasoftware.com | http://secunia.com/secunia_research/2009-18/ | Vendor Advisory | |
| PSIRT-CNA@flexerasoftware.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| PSIRT-CNA@flexerasoftware.com | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/archive/1/502759/100/0/threaded | ||
| PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/archive/1/502762/100/0/threaded | ||
| PSIRT-CNA@flexerasoftware.com | http://www.securityfocus.com/bid/34791 | ||
| PSIRT-CNA@flexerasoftware.com | http://www.vupen.com/english/advisories/2010/1040 | ||
| PSIRT-CNA@flexerasoftware.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2009-0458.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34291 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34481 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34756 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34963 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35064 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2009-17/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2009-18/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0480.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502759/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/502762/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34791 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1040 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | cups | 1.3.9 | |
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| foolabs | xpdf | 3.0.1 | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C671B95-8892-4D71-87FE-BABF5CBEC144",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Xpdf v3.02p12 y anteriores, CUPS v1.3.9 y probablemente otros productos, permite a atacantes remotos ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s de un fichero PDF con segmentos JBIG2 de diccionario simb\u00f3lico manipulados."
}
],
"id": "CVE-2009-0195",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.627",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/34291"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/34481"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/34756"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/34963"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://secunia.com/advisories/35064"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/34791"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-0458.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-17/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-18/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502759/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502762/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}