CVE-2007-4351

Published: 31/10/2007 Updated: 03/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote malicious users to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

Vulnerable Product

cups cups

Vendor Advisories

Debian Bug report logs - #448866 [CVE-2007-4351] CUPS IPP Tags Memory Corruption Vulnerability Package: cupsys; Maintainer for cupsys is (unknown); Reported by: Daniel Leidert <danielleidert@wgddde> Date: Thu, 1 Nov 2007 14:21:01 UTC Severity: grave Tags: patch Found in version cupsys/132-1 Fixed in version cupsys/1 ...
Alin Rad Pop discovered that CUPS did not correctly validate buffer lengths when processing IPP tags. Remote attackers successfully exploiting this vulnerability would gain access to the non-root CUPS user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile ...
Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. The cupsys version in the old stable distribution (sarge) is not vulnerable to arbitrary code execution. For the stable distribution (etch), this probl ...

References

CWE-189
http://secunia.com/secunia_research/2007-76/advisory/
http://secunia.com/advisories/27233
http://www.cups.org/str.php?L2561
https://issues.rpath.com/browse/RPL-1875
https://bugzilla.redhat.com/show_bug.cgi?id=361661
http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
http://www.debian.org/security/2007/dsa-1407
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00012.html
http://security.gentoo.org/glsa/glsa-200711-16.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:204
http://www.redhat.com/support/errata/RHSA-2007-1020.html
http://www.redhat.com/support/errata/RHSA-2007-1022.html
http://www.redhat.com/support/errata/RHSA-2007-1023.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.501902
http://www.novell.com/linux/security/advisories/2007_58_cups.html
http://www.kb.cert.org/vuls/id/446897
http://www.securityfocus.com/bid/26268
http://www.securitytracker.com/id?1018879
http://secunia.com/advisories/27410
http://secunia.com/advisories/27445
http://secunia.com/advisories/27474
http://secunia.com/advisories/27447
http://secunia.com/advisories/27494
http://secunia.com/advisories/27499
http://secunia.com/advisories/27540
http://secunia.com/advisories/27577
http://secunia.com/advisories/27604
http://secunia.com/advisories/27712
http://docs.info.apple.com/article.html?artnum=307179
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
http://secunia.com/advisories/28136
http://www.cisco.com/en/US/products/products_security_response09186a00809a1f11.html
http://secunia.com/advisories/30847
http://www.vupen.com/english/advisories/2007/4238
http://www.vupen.com/english/advisories/2007/3681
http://www.vupen.com/english/advisories/2008/1934/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38190
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10604
https://usn.ubuntu.com/539-1/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448866
https://nvd.nist.gov
https://www.kb.cert.org/vuls/id/446897