Easy Software Products

Cups

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2008-1373

Exploit
  • EPSS 7.51%
  • Veröffentlicht 04.04.2008 00:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

5

CVE-2008-0597

  • EPSS 5.28%
  • Veröffentlicht 26.02.2008 00:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.

5

CVE-2008-0596

  • EPSS 3.85%
  • Veröffentlicht 26.02.2008 00:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.

9.3

CVE-2007-5849

  • EPSS 34.58%
  • Veröffentlicht 19.12.2007 21:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.

5

CVE-2005-3626

Exploit
  • EPSS 9.33%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10

CVE-2005-3625

Exploit
  • EPSS 11.29%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...

5

CVE-2005-3624

Exploit
  • EPSS 7.36%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...

5

CVE-2005-2874

Exploit
  • EPSS 1.43%
  • Veröffentlicht 13.09.2005 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

5

CVE-2005-2526

  • EPSS 0.74%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.

5

CVE-2005-2525

  • EPSS 0.74%
  • Veröffentlicht 19.08.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).