Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cups
(Apple)| Repositories | https://github.com/apple/cups |
| #Vulnerabilities | 56 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-04-23 | CVE-2009-0799 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read. | Cups, Xpdf, Xpdfreader, Poppler | N/A | ||
| 2009-04-23 | CVE-2009-0195 | Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. | Cups, Xpdf, Xpdfreader | N/A | ||
| 2009-04-23 | CVE-2009-0166 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory. | Cups, Xpdf, Xpdfreader, Poppler | N/A | ||
| 2009-04-24 | CVE-2009-0164 | The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks. | Cups | N/A | ||
| 2009-04-23 | CVE-2009-0163 | Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow. | Cups | N/A | ||
| 2009-04-23 | CVE-2009-0147 | Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. | Cups, Xpdf, Xpdfreader | N/A | ||
| 2009-04-23 | CVE-2009-0146 | Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. | Cups, Xpdf, Xpdfreader | N/A | ||
| 2009-01-27 | CVE-2009-0032 | CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file. | Cups | N/A | ||
| 2008-12-08 | CVE-2008-5377 | pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333. | Cups | N/A | ||
| 2008-12-01 | CVE-2008-5286 | Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow. | Cups | N/A |