Search CVE reports
31 – 40 of 77 results
CVE-2009-0146
Medium prioritySome fixes available 21 of 51
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to...
14 affected packages
cups, cupsys, evince, gpdf, ipe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | Not affected |
| cupsys | — | — | — | — | Not in release |
| evince | — | — | — | — | Not affected |
| gpdf | — | — | — | — | Not in release |
| ipe | — | — | — | — | Not affected |
| kdegraphics | — | — | — | — | Not in release |
| koffice | — | — | — | — | Not in release |
| libextractor | — | — | — | — | Not affected |
| pdfkit.framework | — | — | — | — | Not in release |
| pdftohtml | — | — | — | — | Not in release |
| poppler | — | — | — | — | Fixed |
| tetex-bin | — | — | — | — | Not in release |
| texlive-bin | — | — | — | — | Not affected |
| xpdf | — | — | — | — | Not affected |
CVE-2009-0032
Unknown priorityCUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-5377
Low prioritypstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-5286
Medium priorityInteger overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-5184
Low priorityThe web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-5183
Medium prioritycupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-3640
Medium priorityInteger overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-3639
Medium priorityHeap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-3641
High priorityThe Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2008-1722
Medium prioritySome fixes available 4 of 5
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
1 affected packages
cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cupsys | — | — | — | — | — |