CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 3CVE-2009-0949 – CUPS 1.3.9 - 'cups/ipp.c' Null Pointer Dereference Denial of Service
https://notcve.org/view.php?id=CVE-2009-0949
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. La función ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versión 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída del demonio) mediante una solicitud de programación (scheduler) con dos etiquetas IPP_TAG_UNSUPPORTED consecutivas. • https://www.exploit-db.com/exploits/33020 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35322 http://secunia.com/advisories/35328 http://secunia.com/advisories/35340 http://secunia.com/advisories/35342 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 http://securitytracker.com/id?1022321 http://support.apple.com/kb/HT3865 http&# • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 4%CPEs: 21EXPL: 0CVE-2009-0946 – freetype: multiple integer overflows
https://notcve.org/view.php?id=CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. Múltiples desbordamientos de entero en FreeType v2.3.9 y anteriores permiten a atacantes remotos ejecutar código de su elección mediante vectores relacionados con valores grandes en ciertas entradas en (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, y (3) cff/cffload.c. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg • CWE-190: Integer Overflow or Wraparound •