CVSS: 9.8EPSS: 5%CPEs: 15EXPL: 1CVE-2002-1371
https://notcve.org/view.php?id=CVE-2002-1371
26 Dec 2002 — filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. filters/image-gif.c en Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 no comprueba adecuadamente imágenes GIF de tamaño cero, lo que permite a atacantes remotos ejecutar código arbitrario mediante cabeceras de trozos modificadas, como ha sido demostrado por nogif • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html •
CVSS: 9.8EPSS: 26%CPEs: 15EXPL: 2CVE-2002-1368 – CUPS 1.1.x - Negative Length HTTP Header
https://notcve.org/view.php?id=CVE-2002-1368
20 Dec 2002 — Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. • https://www.exploit-db.com/exploits/22106 •
CVSS: 10.0EPSS: 16%CPEs: 15EXPL: 1CVE-2002-1383
https://notcve.org/view.php?id=CVE-2002-1383
20 Dec 2002 — Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. Múltiples desbordamientos de enteros en Common Unix Printing System (CUPS) 1.1.14 a 1.1.17 permiten a atacantes remotos ejecutar código arbitrario mediante el interfaz HTTP CUPSd, como ha sido demostrado por vanilla-coke, y el código ... • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0063
https://notcve.org/view.php?id=CVE-2002-0063
08 Mar 2002 — Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. El desbordamiento del búfer en la función ippRead de CUPS anteriores a la 1.1.14 podrían permitir a atacantes ejecutar código arbitrario mediante valores largos en los atributos 'names' o 'language'. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-008.0.txt •