Page 6 of 72 results (0.004 seconds)

CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 0

Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179. Múltiples desbordamientos de entero en el filtro pdftops en CUPS v1.1.17, v1.1.22 y v1.3.7 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código de su elección mediante un fichero PDF manipulado que dispara una desbordamiento de búfer basado en memoria dinámica (heap), posiblemente relacionado con (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx y (5) PSOutputDev.cxx en pdftops/. NOTA: el vector JBIG2Stream.cxx podría solapar CVE-2009-1179. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35340 http://secunia.com/advisories/35685 http://secunia.com/advisories/37023 http://secunia.com/advisories/37028 http://secunia.com/advisories/37037 http://secunia.com/advisories/37043 http://secunia.com/advisories/37077 http://secunia.com/advisories/37079 http://securitytracker.com/id?1022326 http://www.mandriva.com/security/advisories?name=MDVSA-2009:334 http://www.redhat. • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 5.0EPSS: 5%CPEs: 2EXPL: 0

The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw." La funcionalidad directory-services en el planificador (scheduler) en CUPS v1.1.17 y v1.1.22 permite a atacantes remotos provocar una denegación de servicio (parada o caída del demonio cupsd) mediante la manipulación de la cadencia de los paquetes de navegación CUPS, en relación con el problema de punteros "uso después de borrado" ("pointer use-after-delete flaw"). • http://secunia.com/advisories/35340 http://securitytracker.com/id?1022327 http://www.redhat.com/support/errata/RHSA-2009-1083.html http://www.securityfocus.com/bid/35194 http://www.vupen.com/english/advisories/2009/1488 https://bugzilla.redhat.com/show_bug.cgi?id=497135 https://exchange.xforce.ibmcloud.com/vulnerabilities/50944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11217 https://access.redhat.com/security/cve/CVE-2009-1196 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 6%CPEs: 15EXPL: 3

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags. La función ippReadIO en cups/ipp.c en cupsd en CUPS antes de la versión 1.3.10 no inicia de manera apropiada la memoria para paquetes de solicitud IPP, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída del demonio) mediante una solicitud de programación (scheduler) con dos etiquetas IPP_TAG_UNSUPPORTED consecutivas. • https://www.exploit-db.com/exploits/33020 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35322 http://secunia.com/advisories/35328 http://secunia.com/advisories/35340 http://secunia.com/advisories/35342 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 http://securitytracker.com/id?1022321 http://support.apple.com/kb/HT3865 http&# • CWE-476: NULL Pointer Dereference CWE-908: Use of Uninitialized Resource •

CVSS: 6.4EPSS: 1%CPEs: 78EXPL: 0

The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks. La interfaz web de CUPS antes de v1.3.10 no valida la cabecera HTTP Host en una solicitud de un cliente, lo que facilita para realizar ataques de revinculación de DNS a atacantes remotos. • http://bugs.gentoo.org/show_bug.cgi?id=263070 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/35074 http://security.gentoo.org/glsa/glsa-200904-20.xml http://support.apple.com/kb/HT3549 http://wiki.rpath.com/Advisories:rPSA-2009-0061 http://www.cups.org/articles.php?L582 http://www.cups.org/str.php?L3118 http://www.securityfocus.com/archive/1/502750/100/0/threaded http://www.securityfocus.com/bid/34665 http • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 42%CPEs: 35EXPL: 0

Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. Desbordamiento de búfer basado en montículo en Xpdf v3.02p12 y anteriores, CUPS v1.3.9 y probablemente otros productos, permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero PDF con segmentos JBIG2 de diccionario simbólico manipulados. • http://rhn.redhat.com/errata/RHSA-2009-0458.html http://secunia.com/advisories/34291 http://secunia.com/advisories/34481 http://secunia.com/advisories/34756 http://secunia.com/advisories/34963 http://secunia.com/advisories/35064 http://secunia.com/secunia_research/2009-17 http://secunia.com/secunia_research/2009-18 http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 http://www.redhat.com/support/errata/RHSA-2009-0480.html http://www.securityfocus.com/archive/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •