Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple cups 1.1.17 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2002-1372
Common Unix Printing System (CUPS) 1.1.14 up to and including 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote malicious user to cause a denial of service (resource exhaustion) by causing file descriptors to be ass...
Apple Cups
Apple Mac Os X 10.2.2
Apple Mac Os X 10.2
Debian Debian Linux 2.2
Debian Debian Linux 3.0
NA
CVE-2011-3170
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and previous versions does not properly handle the first code word in an LZW stream, which allows remote malicious users to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted strea...
Apple Cups 1.1.20
Apple Cups 1.4
Apple Cups 1.1.5-2
Apple Cups 1.3.9
Apple Cups 1.1.14
Apple Cups 1.3
Apple Cups 1.1.6-1
Apple Cups 1.1.18
Apple Cups 1.1.12
Apple Cups 1.3.11
Apple Cups 1.1.5-1
Apple Cups 1.3.3
Apple Cups 1.1.22
Apple Cups 1.2.0
Apple Cups 1.1.16
Apple Cups 1.4.1
Apple Cups 1.3.1
Apple Cups 1.1.23
Apple Cups 1.1.15
Apple Cups 1.1.17
Apple Cups 1.2.4
Apple Cups 1.1.19
NA
CVE-2010-2431
The cupsFileOpen function in CUPS prior to 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
Apple Cups 1.1.20
Apple Cups 1.1.5-2
Apple Cups 1.3.9
Apple Cups 1.1.14
Apple Cups 1.3
Apple Cups 1.1.6-1
Apple Cups 1.1.18
Apple Cups 1.1.12
Apple Cups
Apple Cups 1.3.11
Apple Cups 1.1.5-1
Apple Cups 1.3.3
Apple Cups 1.1.22
Apple Cups 1.2.0
Apple Cups 1.1.16
Apple Cups 1.4.1
Apple Cups 1.3.1
Apple Cups 1.1.23
Apple Cups 1.1.15
Apple Cups 1.1.17
Apple Cups 1.2.4
Apple Cups 1.1.19
NA
CVE-2010-2432
The cupsDoAuthentication function in auth.c in the client in CUPS prior to 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.
Apple Cups 1.1.20
Apple Cups 1.1.5-2
Apple Cups 1.3.9
Apple Cups 1.1.14
Apple Cups 1.3
Apple Cups 1.1.6-1
Apple Cups 1.1.18
Apple Cups 1.1.12
Apple Cups
Apple Cups 1.3.11
Apple Cups 1.1.5-1
Apple Cups 1.3.3
Apple Cups 1.1.22
Apple Cups 1.2.0
Apple Cups 1.1.16
Apple Cups 1.4.1
Apple Cups 1.3.1
Apple Cups 1.1.23
Apple Cups 1.1.15
Apple Cups 1.1.17
Apple Cups 1.2.4
Apple Cups 1.1.19
NA
CVE-2010-0542
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS prior to 1.4.4 does not check the return values of certain calloc calls, which allows remote malicious users to cause a denial of service (NULL pointer dereference or heap memory corruption) ...
Apple Cups 1.1.20
Apple Cups 1.1.5-2
Apple Cups 1.3.9
Apple Cups 1.1.14
Apple Cups 1.3
Apple Cups 1.1.6-1
Apple Cups 1.1.18
Apple Cups 1.1.12
Apple Cups
Apple Cups 1.3.11
Apple Cups 1.1.5-1
Apple Cups 1.3.3
Apple Cups 1.1.22
Apple Cups 1.2.0
Apple Cups 1.1.16
Apple Cups 1.4.1
Apple Cups 1.3.1
Apple Cups 1.1.23
Apple Cups 1.1.15
Apple Cups 1.1.17
Apple Cups 1.2.4
Apple Cups 1.1.19
NA
CVE-2010-1748
The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS prior to 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 prior to 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subseque...
Apple Cups
Apple Cups 1.1
Apple Cups 1.1.1
Apple Cups 1.1.2
Apple Cups 1.1.3
Apple Cups 1.1.4
Apple Cups 1.1.5
Apple Cups 1.1.5-1
Apple Cups 1.1.5-2
Apple Cups 1.1.6
Apple Cups 1.1.6-1
Apple Cups 1.1.6-2
Apple Cups 1.1.6-3
Apple Cups 1.1.7
Apple Cups 1.1.8
Apple Cups 1.1.9
Apple Cups 1.1.9-1
Apple Cups 1.1.10
Apple Cups 1.1.10-1
Apple Cups 1.1.11
Apple Cups 1.1.12
Apple Cups 1.1.13
1 EDB exploit
NA
CVE-2009-1196
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote malicious users to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."...
Apple Cups 1.1.22
Apple Cups 1.1.17
NA
CVE-2009-0791
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a craf...
Apple Cups 1.1.22
Apple Cups 1.1.17
Apple Cups 1.3.7
NA
CVE-2009-0164
The web interface for CUPS prior to 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote malicious users to conduct DNS rebinding attacks.
Apple Cups 1.1.20
Apple Cups 1.1.5-2
Apple Cups 1.1.14
Apple Cups 1.3
Apple Cups 1.1.6-1
Apple Cups 1.1.18
Apple Cups 1.1.12
Apple Cups 1.1.5-1
Apple Cups 1.3.3
Apple Cups 1.1.22
Apple Cups 1.2.0
Apple Cups 1.1.16
Apple Cups 1.3.1
Apple Cups 1.1.23
Apple Cups 1.1.15
Apple Cups 1.1.17
Apple Cups 1.2.4
Apple Cups 1.1.19
Apple Cups 1.3.2
Apple Cups 1.1.7
Apple Cups 1.2
Apple Cups 1.1.6-2
NA
CVE-2009-1179
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and previous versions, CUPS 1.3.9 and previous versions, Poppler prior to 0.10.6, and other products allows remote malicious users to execute arbitrary code via a crafted PDF file.
Foolabs Xpdf 0.91c
Foolabs Xpdf 0.91b
Foolabs Xpdf 0.93b
Foolabs Xpdf 1.00a
Foolabs Xpdf 0.91a
Foolabs Xpdf 0.92e
Foolabs Xpdf 0.5a
Foolabs Xpdf 0.92b
Foolabs Xpdf 0.93c
Foolabs Xpdf 0.92c
Foolabs Xpdf 0.7a
Foolabs Xpdf 0.93a
Foolabs Xpdf 0.92d
Foolabs Xpdf 0.92a
Glyphandcog Xpdfreader 0.2
Glyphandcog Xpdfreader 0.3
Glyphandcog Xpdfreader 0.4
Glyphandcog Xpdfreader 0.5
Glyphandcog Xpdfreader 0.6
Glyphandcog Xpdfreader 0.80
Glyphandcog Xpdfreader 0.90
Glyphandcog Xpdfreader 1.00
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »