ipp.c in cupsd in CUPS 1.4.4 and previous versions does not properly allocate memory for attribute values with invalid string data types, which allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple cups |
||
apple mac os x server |
||
apple mac os x |
||
fedoraproject fedora 13 |
||
fedoraproject fedora 12 |
||
fedoraproject fedora 14 |
||
canonical ubuntu linux 10.10 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |
||
debian debian linux 5.0 |
||
opensuse opensuse 11.1 |
||
suse linux enterprise server 9 |
||
opensuse opensuse 11.2 |
||
opensuse opensuse 11.3 |
||
suse linux enterprise 11.0 |
||
suse linux enterprise 10.0 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux 6.0 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux 5.0 |
||
redhat enterprise linux desktop 5.0 |