CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 1CVE-2002-1384
https://notcve.org/view.php?id=CVE-2002-1384
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. Desbordamiento de enteros en pdftops, usado en Xpdf 2.01 y anteriores, y CUPS antes de 1.1.18, permite a usuarios locales ejecutar código arbitrario mediante una entrada ColorSpace con un número de elementos largo, como ha sido demostrado por cups-pdf. • http://marc.info/?l=bugtraq&m=104152282309980&w=2 http://www.debian.org/security/2003/dsa-222 http://www.debian.org/security/2003/dsa-226 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.23.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/ •
CVSS: 6.2EPSS: 0%CPEs: 11EXPL: 0CVE-2002-1366
https://notcve.org/view.php?id=CVE-2002-1366
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.19.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/RHSA-2002-295.html http://www.securityfocus.com/bid/6435 https://exchange.xforce.ibmcloud.com/ •
CVSS: 10.0EPSS: 1%CPEs: 15EXPL: 1CVE-2002-1367
https://notcve.org/view.php?id=CVE-2002-1367
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.19.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/RHSA-2002-295.html http:// •
CVSS: 7.5EPSS: 5%CPEs: 15EXPL: 1CVE-2002-1371
https://notcve.org/view.php?id=CVE-2002-1371
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. filters/image-gif.c en Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no comprueba adecuadamente imágenes GIF de tamaño cero, lo que permite a atacantes remotos ejecutar código arbitrario mediante cabeceras de trozos modificadas, como ha sido demostrado por nogif • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.19.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/RHSA-2002-295.html http:// •
CVSS: 10.0EPSS: 5%CPEs: 15EXPL: 1CVE-2002-1369
https://notcve.org/view.php?id=CVE-2002-1369
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. jobs.c en Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no utiliza adecuadamente la llamada a la función strncat cuando procesa la opción string, lo que permite a atacantes remotos la ejecución arbitraria de código mediante un ataque de desbordamiento de búfer. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 http://marc.info/?l=bugtraq&m=104032149026670&w=2 http://www.debian.org/security/2003/dsa-232 http://www.idefense.com/advisory/12.19.02.txt http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 http://www.novell.com/linux/security/advisories/2003_002_cups.html http://www.redhat.com/support/errata/RHSA-2002-295.html http:// •