Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5849 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-09 | 9.3 HIGH | N/A |
| Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. | |||||
| CVE-2008-1373 | 1 Easy Software Products | 1 Cups | 2025-04-09 | 5.8 MEDIUM | N/A |
| Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. | |||||
| CVE-2008-0596 | 2 Easy Software Products, Redhat | 3 Cups, Desktop, Enterprise Linux | 2025-04-09 | 5.0 MEDIUM | N/A |
| Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers. | |||||
| CVE-2008-0597 | 2 Easy Software Products, Redhat | 3 Cups, Desktop, Enterprise Linux | 2025-04-09 | 5.0 MEDIUM | N/A |
| Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets. | |||||
| CVE-2002-1371 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 7.5 HIGH | N/A |
| filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif. | |||||
| CVE-2004-0558 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port. | |||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||||
| CVE-2004-1269 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 5.0 MEDIUM | N/A |
| lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | |||||
| CVE-2002-1369 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 10.0 HIGH | N/A |
| jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-2002-1366 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 6.2 MEDIUM | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream. | |||||
| CVE-2004-0927 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. | |||||
| CVE-2002-1368 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 7.5 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding. | |||||
| CVE-2004-1267 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | |||||
| CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
| CVE-2005-2525 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | |||||
| CVE-2002-1367 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2025-04-03 | 10.0 HIGH | N/A |
| Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate for the administration server via a "need authorization" page, as demonstrated by new-coke. | |||||
| CVE-2002-0063 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. | |||||
| CVE-2005-2874 | 1 Easy Software Products | 1 Cups | 2025-04-03 | 5.0 MEDIUM | N/A |
| The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request. | |||||
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
| CVE-2004-1125 | 3 Easy Software Products, Kde, Xpdf | 3 Cups, Kde, Xpdf | 2025-04-03 | 9.3 HIGH | N/A |
| Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | |||||