Page 12 of 72 results (0.008 seconds)

CVSS: 6.8EPSS: 6%CPEs: 9EXPL: 0

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. Un desbordamiento de enteros en la función StreamPredictor::StreamPredictor en xpdf versión 3.02, tal como es usado en (1) poppler anterior a versión 0.5.91, (2) gpdf anterior a versión 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, ( 6) PDFedit, y otros productos, podrían permitir que los atacantes remotos ejecuten código arbitrario por medio de un archivo PDF creado que causa un desbordamiento del búfer en la región stack de la memoria, en la función StreamPredictor::getNextLine. • ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc http://bugs.gentoo.org/show_bug.cgi?id=187139 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 http://osvdb.org/40127 http://secunia.com/advisories/26188 http://secunia.com/advisories/26251 http://secunia.com/advisories/26254 http://secunia.com/advisories/26255 http://secunia.com/advisories/26257 http://secunia.com/advisories/26278 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0

The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. El servicio CUPS, tal y como es usado en SUSE Linux versiones anteriores a 20070720 y otras distribuciones de Linux, permite a atacantes remotos causar una denegación de servicio por medio de vectores no especificados relacionados con una corrección incompleta para CVE-2007-0720 que introdujo un problema diferente de denegación de servicio en la negociación SSL. • http://bugs.gentoo.org/show_bug.cgi?id=199195 http://secunia.com/advisories/27577 http://secunia.com/advisories/27615 http://secunia.com/advisories/28113 http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 http://www.novell.com/linux/security/advisories/2007_14_sr.html http://www.redhat.com/support/errata/RHSA-2007-1022.html http://www& •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. El servicio CUPS en múltiples plataformas permite que los atacantes remotos causen una denegación de servicio (suspensión de servicio) por medio de una conexión SSL "partially-negotiated", lo que impide que otras peticiones sean aceptadas. • http://docs.info.apple.com/article.html?artnum=305214 http://fedoranews.org/cms/node/2785 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/24479 http://secunia.com/advisories/24517 http://secunia.com/advisories/24530 http://secunia.com/advisories/24660 http://secunia.com/advisories/24878 http://secunia.com/advisories/24895 http://secunia.com/advisories/25119 http://secunia.com/advisories/25497 http://secunia.com/advisori •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://securitytracker.com/id?1014698 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://securitytracker.com/id?1014698 •