Easy Software Products » Cups : Security Vulnerabilities, CVEs, (Overflow)
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
Max CVSS
5.8
EPSS Score
95.40%
Published
2008-04-04
Updated
2018-10-11
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.
Max CVSS
9.3
EPSS Score
42.90%
Published
2007-12-19
Updated
2017-07-29
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Max CVSS
7.5
EPSS Score
0.66%
Published
2005-04-27
Updated
2017-10-11
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
Max CVSS
6.5
EPSS Score
8.62%
Published
2005-01-10
Updated
2018-10-03
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
Max CVSS
9.3
EPSS Score
6.20%
Published
2005-01-10
Updated
2018-10-03
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
Max CVSS
10.0
EPSS Score
0.76%
Published
2005-01-27
Updated
2008-09-05
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
Max CVSS
7.2
EPSS Score
0.06%
Published
2003-01-02
Updated
2018-05-03
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Max CVSS
10.0
EPSS Score
5.43%
Published
2002-12-26
Updated
2017-10-10
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
Max CVSS
7.5
EPSS Score
1.59%
Published
2002-03-08
Updated
2018-05-03
Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.
Max CVSS
10.0
EPSS Score
0.35%
Published
2001-05-03
Updated
2017-10-10
10 vulnerabilities found