Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cups cups 1.3.5 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-0047
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote malicious users to execute arbitrary code via crafted search expressions.
Cups Cups 1.3.5
10
CVSSv2
CVE-2008-0882
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipula...
Cups Cups 1.3.5
7.5
CVSSv2
CVE-2008-5286
Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 up to and including 1.3.9 allows remote malicious users to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.1.23
Apple Cups 1.2.3
Apple Cups 1.2.4
Apple Cups 1.2
Apple Cups 1.3.5
Apple Cups 1.3.6
Apple Cups 1.1.17
Apple Cups 1.1.18
Apple Cups 1.1.21
Apple Cups 1.2.10
Apple Cups 1.2.11
Apple Cups 1.2.7
Apple Cups 1.2.8
Apple Cups 1.3.0
Apple Cups 1.3.1
Apple Cups 1.3
Apple Cups 1.2.0
Apple Cups 1.2.1
Apple Cups 1.2.5
6.4
CVSSv2
CVE-2009-0164
The web interface for CUPS prior to 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote malicious users to conduct DNS rebinding attacks.
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.19
Apple Cups 1.1.16
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.6-1
Apple Cups 1.2.6
Apple Cups 1.2.4
Apple Cups 1.2.3
Apple Cups 1.3.0
Apple Cups 1.2
Apple Cups 1.3.1
Apple Cups 1.3
Apple Cups 1.1
Apple Cups 1.1.10-1
Apple Cups 1.1.13
Apple Cups 1.1.18
Apple Cups 1.1.17
Apple Cups 1.1.21
6.8
CVSSv2
CVE-2009-0163
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and previous versions allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageRead...
Apple Cups 1.3.6
Apple Cups 1.1.3
Apple Cups 1.1.4
Apple Cups 1.1.6-2
Apple Cups 1.1.8
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.21
Apple Cups 1.2
Apple Cups 1.1.23
Apple Cups 1.2.2
Apple Cups 1.2.6
Apple Cups 1.3
Apple Cups 1.3.5
Apple Cups 1.3.8
Apple Cups 1.1.5-1
Apple Cups 1.1.5-2
Apple Cups 1.1.9-1
Apple Cups 1.1.10-1
Apple Cups 1.1.15
7.5
CVSSv2
CVE-2008-3639
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS prior to 1.3.9 allows remote malicious users to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.19
Apple Cups 1.1.16
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.2.1
Apple Cups 1.2.0
Apple Cups 1.1.8
Apple Cups 1.1.7
Apple Cups 1.2.10
Apple Cups 1.2.11
Apple Cups 1.2.9
Apple Cups 1.3.0
Apple Cups 1.3
Apple Cups 1.3.4
Apple Cups 1.1.10-1
Apple Cups 1.1.1
Apple Cups 1.1.2
Apple Cups 1.1.21
Apple Cups 1.1.5-2
Apple Cups 1.1.3
6.8
CVSSv2
CVE-2008-3640
Integer overflow in the WriteProlog function in texttops in CUPS prior to 1.3.9 allows remote malicious users to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
Apple Cups 1.1.11
Apple Cups 1.1.14
Apple Cups 1.1.13
Apple Cups 1.1.16
Apple Cups 1.1.18
Apple Cups 1.1.20
Apple Cups 1.1.1
Apple Cups 1.1.10
Apple Cups 1.1.19
Apple Cups 1.1.21
Apple Cups 1.1.3
Apple Cups 1.1.4
Apple Cups 1.1.15
Apple Cups 1.1.12
Apple Cups 1.1.23
Apple Cups 1.1.22
Apple Cups 1.1.5
Apple Cups 1.2.1
Apple Cups 1.1.6-2
Apple Cups 1.1.8
Apple Cups 1.2.7
Apple Cups 1.2.8
10
CVSSv2
CVE-2008-3641
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS prior to 1.3.9 allows remote malicious users to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
Apple Cups
Apple Cups 1.3.0
Apple Cups 1.3
Apple Cups 1.2.8
Apple Cups 1.2.7
Apple Cups 1.2.0
Apple Cups 1.2
Apple Cups 1.1.22
Apple Cups 1.1.20
Apple Cups 1.1.19
Apple Cups 1.1.18
Apple Cups 1.1.11
Apple Cups 1.1.10-1
Apple Cups 1.1.6-2
Apple Cups 1.1.6-1
Apple Cups 1.1.1
Apple Cups 1.1
Apple Cups 1.3.4
Apple Cups 1.3.3
Apple Cups 1.2.12
Apple Cups 1.2.11
Apple Cups 1.2.4
1 EDB exploit
10
CVSSv2
CVE-2008-5184
The web interface (cgi-bin/admin.c) in CUPS prior to 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote malicious users to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription f...
Apple Cups 1.1.10-1
Apple Cups 1.1.1
Apple Cups 1.1.10
Apple Cups 1.1.19
Apple Cups 1.1.2
Apple Cups 1.1.20
Apple Cups 1.1.21
Apple Cups 1.1.5-2
Apple Cups 1.1.3
Apple Cups 1.1.8
Apple Cups 1.1.7
Apple Cups 1.2.10
Apple Cups 1.2.11
Apple Cups 1.2
Apple Cups 1.3.3
Apple Cups 1.3.6
Apple Cups 1.1.15
Apple Cups 1.1.12
Apple Cups 1.1.23
Apple Cups 1.1.22
Apple Cups 1.1.4
Apple Cups 1.1.5
6.8
CVSSv2
CVE-2010-0542
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS prior to 1.4.4 does not check the return values of certain calloc calls, which allows remote malicious users to cause a denial of service (NULL pointer dereference or heap memory corruption) ...
Apple Cups 1.1.1
Apple Cups 1.1.5-1
Apple Cups 1.1.5
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.16
Apple Cups 1.1.15
Apple Cups 1.1.19
Apple Cups 1.1.20
Apple Cups 1.1.22
Apple Cups 1.2.1
Apple Cups 1.2.0
Apple Cups 1.3.9
Apple Cups 1.2.7
Apple Cups 1.3
Apple Cups 1.3.8
Apple Cups 1.3.7
Apple Cups 1.1.5-2
Apple Cups 1.1.6
Apple Cups 1.1.10-1
Apple Cups 1.1.10
Apple Cups 1.1.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »