Vulnerabilities > Apple > Cups > 1.1.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-11-21 | CVE-2008-5183 | NULL Pointer Dereference vulnerability in multiple products cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. | 7.5 |
2008-10-14 | CVE-2008-3640 | Numeric Errors vulnerability in Apple Cups Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. | 6.8 |
2008-10-14 | CVE-2008-3639 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | 7.5 |
2008-10-10 | CVE-2008-3641 | Resource Management Errors vulnerability in Apple Cups The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | 10.0 |
2008-03-18 | CVE-2008-0053 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | 10.0 |
2007-07-27 | CVE-2007-4045 | The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | 5.0 |
2004-12-31 | CVE-2004-2154 | Improper Handling of Case Sensitivity vulnerability in multiple products CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | 9.8 |