Published: 05/11/2010 Updated: 02/02/2024

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

ipp.c in cupsd in CUPS 1.4.4 and previous versions does not properly allocate memory for attribute values with invalid string data types, which allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple cups
apple mac os x server
apple mac os x
fedoraproject fedora 13
fedoraproject fedora 12
fedoraproject fedora 14
canonical ubuntu linux 10.10
canonical ubuntu linux 9.10
canonical ubuntu linux 10.04
canonical ubuntu linux 8.04
canonical ubuntu linux 6.06
debian debian linux 5.0
opensuse opensuse 11.1
suse linux enterprise server 9
opensuse opensuse 11.2
opensuse opensuse 11.3
suse linux enterprise 11.0
suse linux enterprise 10.0
redhat enterprise linux server 5.0
redhat enterprise linux 6.0
redhat enterprise linux workstation 5.0
redhat enterprise linux 5.0
redhat enterprise linux desktop 5.0

Debian Bug report logs - #603344 cups: Incorrect memory handling in IPP - DOS / remote exploit (CVE-2010-2941) Package: cups; Maintainer for cups is Debian Printing Team <debian-printing@listsdebianorg>; Source for cups is src:cups (PTS, buildd, popcon) Reported by: Petter Reinholdtsen <pere@hungrycom> Date: Sat, ...

Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol (IPP) packets A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code In the default installation in Ubuntu 804 LTS and later, attackers would be isolated by the CUPS AppArmor profile ...

Several vulnerabilities have been discovered in the Common UNIX Printing System: CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service CVE-2010-0540 A cross-site request for ...

CWE-416 http://www.osvdb.org/68951 http://securitytracker.com/id?1024662 http://www.securityfocus.com/bid/44530 http://rhn.redhat.com/errata/RHSA-2010-0811.html http://www.vupen.com/english/advisories/2010/2856 https://bugzilla.redhat.com/show_bug.cgi?id=624438 http://support.apple.com/kb/HT4435 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://secunia.com/advisories/42287 http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 http://www.redhat.com/support/errata/RHSA-2010-0866.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html http://www.vupen.com/english/advisories/2010/3042 http://www.vupen.com/english/advisories/2010/3088 http://www.ubuntu.com/usn/USN-1012-1 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://secunia.com/advisories/42867 http://www.vupen.com/english/advisories/2011/0061 http://www.vupen.com/english/advisories/2011/0535 http://www.debian.org/security/2011/dsa-2176 http://secunia.com/advisories/43521 http://security.gentoo.org/glsa/glsa-201207-10.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603344 https://usn.ubuntu.com/1012-1/https://nvd.nist.gov

CVE-2010-2941

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect