9.8

CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleCups Version <= 1.4.4
ApplemacOS X Version < 10.5.8
ApplemacOS X Version >= 10.6.0 <= 10.6.4
ApplemacOS X Server Version < 10.5.8
ApplemacOS X Server Version >= 10.6.0 <= 10.6.4
FedoraprojectFedora Version12
FedoraprojectFedora Version13
FedoraprojectFedora Version14
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version9.10
CanonicalUbuntu Linux Version10.04 SwEdition-
CanonicalUbuntu Linux Version10.10
DebianDebian Linux Version5.0
OpensuseOpensuse Version11.1
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
SuseLinux Enterprise Version10.0 Updatesp3
SuseLinux Enterprise Version11.0 Update-
SuseLinux Enterprise Version11.0 Updatesp1
RedhatEnterprise Linux Version5.0
RedhatEnterprise Linux Version6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.47% 0.929
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Mailing List
http://support.apple.com/kb/HT4435
Broken Link
http://secunia.com/advisories/43521
Broken Link
http://www.debian.org/security/2011/dsa-2176
Third Party Advisory
Mailing List
http://www.vupen.com/english/advisories/2011/0535
Broken Link
http://security.gentoo.org/glsa/glsa-201207-10.xml
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
Mailing List
http://rhn.redhat.com/errata/RHSA-2010-0811.html
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2856
Vendor Advisory
Broken Link
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
Broken Link
http://secunia.com/advisories/42867
Broken Link
http://www.vupen.com/english/advisories/2011/0061
Broken Link
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html
Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html
Mailing List
http://secunia.com/advisories/42287
Broken Link
http://securitytracker.com/id?1024662
Third Party Advisory
Broken Link
VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323
Broken Link
http://www.osvdb.org/68951
Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0866.html
Broken Link
http://www.securityfocus.com/bid/44530
Third Party Advisory
Broken Link
VDB Entry
http://www.ubuntu.com/usn/USN-1012-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/3042
Broken Link
http://www.vupen.com/english/advisories/2010/3088
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=624438
Patch
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/62882
Third Party Advisory
VDB Entry