Computer Security
[EN] securityvulns.ru no-pyccku


cups multiple security vulnerabilities
Published:13.03.2014
Source:
SecurityVulns ID:13596
Type:library
Threat Level:
6/10
Description:Memory corruptions, code execution in urftopdf, pdftoopvp.
Affected:CUPS : cups-filters 1.0
CVE:CVE-2013-6476 (The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.)
 CVE-2013-6475 (Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.)
 CVE-2013-6474 (Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2013-6473 (Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.)
Original documentdocumentUBUNTU, [USN-2143-1] cups-filters vulnerabilities (13.03.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod