6.8
CVE-2010-0542
- EPSS 4.13%
- Veröffentlicht 21.06.2010 16:30:01
- Zuletzt bearbeitet 16.06.2026 23:16:22
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.13% | 0.895 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/43521
http://www.debian.org/security/2011/dsa-2176
http://www.vupen.com/english/advisories/2011/0535
http://security.gentoo.org/glsa/glsa-201207-10.xml
http://cups.org/articles.php?L596
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://cups.org/str.php?L3516
http://cups.org/strfiles/3516/str3516.patch
http://securitytracker.com/id?1024121
http://www.securityfocus.com/bid/40943
https://bugzilla.redhat.com/show_bug.cgi?id=587746
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365