CVE-2013-6473

EPSS 13.72%
Veröffentlicht 14.03.2014 15:55:05
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version13.10

Linuxfoundation ≫ Cups-filters Version1.0.25

Linuxfoundation ≫ Cups-filters Version1.0.26

Linuxfoundation ≫ Cups-filters Version1.0.27

Linuxfoundation ≫ Cups-filters Version1.0.28

Linuxfoundation ≫ Cups-filters Version1.0.29

Linuxfoundation ≫ Cups-filters Version1.0.30

Linuxfoundation ≫ Cups-filters Version1.0.31

Linuxfoundation ≫ Cups-filters Version1.0.32

Linuxfoundation ≫ Cups-filters Version1.0.33

Linuxfoundation ≫ Cups-filters Version1.0.34

Linuxfoundation ≫ Cups-filters Version1.0.35

Linuxfoundation ≫ Cups-filters Version1.0.36

Linuxfoundation ≫ Cups-filters Version1.0.37

Linuxfoundation ≫ Cups-filters Version1.0.38

Linuxfoundation ≫ Cups-filters Version1.0.39

Linuxfoundation ≫ Cups-filters Version1.0.40

Linuxfoundation ≫ Cups-filters Version1.0.41

Linuxfoundation ≫ Cups-filters Version1.0.42

Linuxfoundation ≫ Cups-filters Version1.0.43

Linuxfoundation ≫ Cups-filters Version1.0.44

Linuxfoundation ≫ Cups-filters Version1.0.45

Linuxfoundation ≫ Cups-filters Version1.0.46

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	13.72%	0.941

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7175

Patch

http://www.securityfocus.com/bid/66601

http://www.ubuntu.com/usn/USN-2143-1

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741333

https://bugzilla.redhat.com/show_bug.cgi?id=1027547

https://nvd.nist.gov/vuln/detail/CVE-2013-6473

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-6473

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-6473

EUVD