Описание
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | cups | Not affected | ||
| Red Hat Enterprise Linux 4 | cups | Not affected | ||
| Red Hat Enterprise Linux 5 | cups | Fixed | RHSA-2010:0811 | 29.10.2010 |
| Red Hat Enterprise Linux 6 | cups | Fixed | RHSA-2010:0866 | 10.11.2010 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS2
Связанные уязвимости
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate me ...
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
EPSS
3.3 Low
CVSS2