Описание
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.4.4-7 |
| hardy | DNE | |
| karmic | released | 1.4.1-5ubuntu2.7 |
| lucid | released | 1.4.3-1ubuntu1.3 |
| maverick | released | 1.4.4-6ubuntu2.2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.2-0ubuntu0.6.06.20 |
| devel | DNE | |
| hardy | released | 1.3.7-1ubuntu3.12 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
9.3 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate me ...
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
EPSS
9.3 Critical
CVSS2
9.8 Critical
CVSS3