CVSS: 5.8EPSS: 94%CPEs: 1EXPL: 1CVE-2008-1373 – cups: overflow in gif image filter
https://notcve.org/view.php?id=CVE-2008-1373
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. Un desbordamiento de búfer en la función gif_read_lzw en CUPS versión 1.3.6, permite a los atacantes remotos tener un impacto desconocido por medio de un archivo GIF con un valor code_size grande, un problema similar a CVE-2006-4484. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html http://secunia.com/advisories/29573 http://secunia.com/advisories/29603 http://secunia.com/advisories/29630 http://secunia.com/advisories/29634 http://secunia.com/advisories/29655 http://secunia.com/advisories/29659 http://secunia.com/advisories/29661 http://secunia.com/advisories/29750 http://secunia.com/advisories/31324 http://security.gentoo.org/glsa/glsa-200804-01.xml http://wiki.rpath.com/Advisori • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 11%CPEs: 10EXPL: 0CVE-2008-0596 – cups: memory leak handling IPP browse requests
https://notcve.org/view.php?id=CVE-2008-0596
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers. Fuga de memoria en CUPS versiones anteriores a 1.1.22 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y caída del demonio) a través de un gran número de peticiones para añadir y eliminar impresoras compartidas. • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html http://secunia.com/advisories/29087 http://secunia.com/advisories/29189 http://secunia.com/advisories/29251 http://secunia.com/advisories/29420 http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm http://wiki.rpath • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 11%CPEs: 10EXPL: 0CVE-2008-0597 – cups: dereference of free'd memory handling IPP browse requests
https://notcve.org/view.php?id=CVE-2008-0597
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets. Vulnerabilidad de uso después de liberación (use-after-free) en CUPS antes de 1.1.22 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (caída) a través de paquetes IPP manipulados. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00000.html http://secunia.com/advisories/29087 http://secunia.com/advisories/29189 http://secunia.com/advisories/29251 http://support.avaya.com/elmodocs2/security/ASA-2008-084.htm http://support.avaya.com/elmodocs2/security/ASA-2008-098.htm http://wiki.rpath.com/Advisories:rPSA-2008-0091 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0091 http://www.mandriva.com/security/advisories?name=MDVSA-2008:050 http://www. • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 43%CPEs: 6EXPL: 1CVE-2007-5849 – Common UNIX Printing System 1.2/1.3 SNMP - 'asn1_get_string()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5849
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. Un subdesbordamiento de enteros en la función asn1_get_string en el back end de SNMP (backend/snmp.c) para CUPS versiones 1.2 hasta 1.3.4, permite a los atacantes remotos ejecutar código arbitrario por medio de una respuesta SNMP especialmente diseñada que desencadena un desbordamiento de búfer en la región stack de la memoria. • https://www.exploit-db.com/exploits/30898 http://bugs.gentoo.org/show_bug.cgi?id=201570 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html http://secunia.com/advisories/28113 http://secunia.com/advisories/28129 http://secunia.com/advisories/28136 http://secunia.com/advisories/28200 http://secunia.com/advisories/28386 http:// • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 95%CPEs: 83EXPL: 3CVE-2007-0018 – Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Overflow
https://notcve.org/view.php?id=CVE-2007-0018
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x. Un desbordamiento de búfer en la región stack de la memoria en el control ActiveX NCTAudioFile2.AudioFile (NCTAudioFile2.dll), tal y como es usado en varios productos, permite a atacantes remotos ejecutar código arbitrario por medio de un argumento largo a la función SetFormatLikeSample. NOTA: los productos incluyen (1) NCTsoft NCTAudioStudio, NCTAudioEditor and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. • https://www.exploit-db.com/exploits/3728 https://www.exploit-db.com/exploits/3808 https://www.exploit-db.com/exploits/16603 http://secunia.com/advisories/22922 http://secunia.com/advisories/23475 http://secunia.com/advisories/23485 http://secunia.com/advisories/23493 http://secunia.com/advisories/23495 http://secunia.com/advisories/23511 http://secunia.com/advisories/23516 http://secunia.com/advisories/23530 http://secunia.com/advisories/23532 http://secunia.com/ad • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •