Search CVE reports
11 – 20 of 77 results
CVE-2010-0302
Medium priorityUse-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-3553
Medium priorityUse-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-2820
Medium prioritySome fixes available 5 of 6
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-2807
Low priorityHeap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-1196
Medium priorityThe directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-0949
Medium priorityThe ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-0791
Medium priorityMultiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash)...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-0164
Low priorityThe web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-0163
Medium priorityInteger overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly...
2 affected packages
cups, cupsys
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | — | — | — | — |
| cupsys | — | — | — | — | — |
CVE-2009-1188
Medium prioritySome fixes available 34 of 74
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to...
14 affected packages
cups, cupsys, evince, gpdf, ipe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cups | — | Not affected | Not affected | Not affected | Not affected |
| cupsys | — | Not in release | Not in release | Not in release | Not in release |
| evince | — | Not affected | Not affected | Not affected | Not affected |
| gpdf | — | Not in release | Not in release | Not in release | Not in release |
| ipe | — | Not affected | Not affected | Not affected | Not affected |
| kdegraphics | — | Not in release | Not in release | Not in release | Not in release |
| koffice | — | Not in release | Not in release | Not in release | Not in release |
| libextractor | — | Not affected | Not affected | Not affected | Not affected |
| pdfkit.framework | — | Not in release | Not in release | Not in release | Not in release |
| pdftohtml | — | Not in release | Not in release | Not in release | Not in release |
| poppler | — | Fixed | Fixed | Fixed | Fixed |
| tetex-bin | — | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | — | Not affected | Not affected | Not affected | Not affected |
| xpdf | — | Not affected | Not in release | Not affected | Not affected |