[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4351

Date: (C)2007-10-31   (M)2017-10-04 


Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1018879
http://www.cisco.com/en/US/products/products_security_response09186a00809a1f11.html
BID-26268
SECUNIA-27233
SECUNIA-27410
SECUNIA-27445
SECUNIA-27447
SECUNIA-27474
SECUNIA-27494
SECUNIA-27499
SECUNIA-27540
SECUNIA-27577
SECUNIA-27604
SECUNIA-27712
SECUNIA-28136
SECUNIA-30847
ADV-2007-3681
ADV-2007-4238
ADV-2008-1934
APPLE-SA-2007-12-17
DSA-1407
FEDORA-2007-2715
GLSA-200711-16
MDKSA-2007:204
RHSA-2007:1020
RHSA-2007:1022
RHSA-2007:1023
SSA:2007-305-01
SUSE-SA:2007:058
TA07-352A
USN-539-1
VU#446897
cups-ippreadio-bo(38190)
http://docs.info.apple.com/article.html?artnum=307179
http://secunia.com/secunia_research/2007-76/advisory/
http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
http://www.cups.org/str.php?L2561
https://bugzilla.redhat.com/show_bug.cgi?id=361661
https://issues.rpath.com/browse/RPL-1875

CWE    1
CWE-189

© 2013 SecPod Technologies