CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1722 – cups: integer overflow in the image filter
https://notcve.org/view.php?id=CVE-2008-1722
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. Múltiples desbordamientos de enteros en (1) filter/image-png.c y (2) fileter/image-zoom.c en CUPS 1.3, permite a atacantes provocar una denegación de servicio (caída)a disparar una corrupción de memoria, como se demostró a través de una imagen PNG. • http://secunia.com/advisories/29809 http://secunia.com/advisories/29902 http://secunia.com/advisories/30078 http://secunia.com/advisories/30190 http://secunia.com/advisories/30553 http://secunia.com/advisories/30717 http://secunia.com/advisories/31324 http://secunia.com/advisories/32292 http://www.cups.org/str.php?L2790 http://www.debian.org/security/2008/dsa-1625 http://www.gentoo.org/security/en/glsa/glsa-200804-23.xml http://www.kb.cert.org/vuls/id/21839 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0CVE-2008-1374 – cups: incomplete fix for CVE-2004-0888 / CVE-2005-0206
https://notcve.org/view.php?id=CVE-2008-1374
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888. Desbordamiento de entero en el filtro pdftops de CUPS en Red Hat Enterprise Linux 3 y 4, cuando corren en plataformas de 64-bits, permite a atacantes remotos ejecutar código de su elección a través de ficheros PDF manipulados. NOTA: esta cuestión es debida a un parche incompleto para CVE-2004-0888. • http://secunia.com/advisories/29630 http://secunia.com/advisories/31388 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245 http://www.redhat.com/support/errata/RHSA-2008-0206.html http://www.securityfocus.com/archive/1/495164/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/41758 https://issues.rpath.com/browse/RPL-2390 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636 https://access.redhat.com/security/cve/CVE-2008-1374& • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.8EPSS: 94%CPEs: 1EXPL: 1CVE-2008-1373 – cups: overflow in gif image filter
https://notcve.org/view.php?id=CVE-2008-1373
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. Un desbordamiento de búfer en la función gif_read_lzw en CUPS versión 1.3.6, permite a los atacantes remotos tener un impacto desconocido por medio de un archivo GIF con un valor code_size grande, un problema similar a CVE-2006-4484. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html http://secunia.com/advisories/29573 http://secunia.com/advisories/29603 http://secunia.com/advisories/29630 http://secunia.com/advisories/29634 http://secunia.com/advisories/29655 http://secunia.com/advisories/29659 http://secunia.com/advisories/29661 http://secunia.com/advisories/29750 http://secunia.com/advisories/31324 http://security.gentoo.org/glsa/glsa-200804-01.xml http://wiki.rpath.com/Advisori • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 21%CPEs: 76EXPL: 0CVE-2008-0053 – cups: buffer overflows in HP-GL/2 filter
https://notcve.org/view.php?id=CVE-2008-0053
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. Múltiples desbordamientos de búfer en el filtro HP-GL/2-a-PostScript en CUPS versiones anteriores a 1.3.6, podrían permitir a los atacantes remotos ejecutar código arbitrario por medio de un archivo HP-GL/2 diseñado. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29573 http://secunia.com/advisories/29603 http://secunia.com/advisories/29630 http://secunia.com/advisories/29634 http://secunia.com/advisories/29655 http://secunia.com/advisories/29659 http://secunia.com/advisories/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 3EXPL: 0CVE-2008-0047 – cups: heap based buffer overflow in cgiCompileSearch()
https://notcve.org/view.php?id=CVE-2008-0047
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. Un desbordamiento de búfer en la región heap de la memoria en la función cgiCompileSearch en CUPS versión 1.3.5 y otras versiones incluyendo la versión incorporada con Apple Mac OS X versión 10.5.2, cuando el uso compartido de impresoras está habilitado, permite a los atacantes remotos ejecutar código arbitrario por medio de expresiones de búsqueda diseñadas. • http://docs.info.apple.com/article.html?artnum=307562 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=674 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00005.html http://secunia.com/advisories/29420 http://secunia.com/advisories/29431 http://secunia.com/advisories/29448 http://secunia.com/advisories/29485 http://secunia.com/advisories/29573 http://secunia.com/advisories/29603 h • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •