[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2007-4351Date: (C)2007-10-31   (M)2018-02-19


Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1018879
http://www.cisco.com/en/US/products/products_security_response09186a00809a1f11.html
BID-26268
SECUNIA-27233
SECUNIA-27410
SECUNIA-27445
SECUNIA-27447
SECUNIA-27474
SECUNIA-27494
SECUNIA-27499
SECUNIA-27540
SECUNIA-27577
SECUNIA-27604
SECUNIA-27712
SECUNIA-28136
SECUNIA-30847
ADV-2007-3681
ADV-2007-4238
ADV-2008-1934
APPLE-SA-2007-12-17
DSA-1407
FEDORA-2007-2715
GLSA-200711-16
MDKSA-2007:204
RHSA-2007:1020
RHSA-2007:1022
RHSA-2007:1023
SSA:2007-305-01
SUSE-SA:2007:058
TA07-352A
USN-539-1
VU#446897
cups-ippreadio-bo(38190)
http://docs.info.apple.com/article.html?artnum=307179
http://secunia.com/secunia_research/2007-76/advisory/
http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
http://www.cups.org/str.php?L2561
https://bugzilla.redhat.com/show_bug.cgi?id=361661
https://issues.rpath.com/browse/RPL-1875

CWE    1
CWE-189

© SecPod Technologies