Vulnerabilities > Apple > Cups
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-10 | CVE-2008-3641 | Resource Management Errors vulnerability in Apple Cups The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | 10.0 |
| 2008-06-02 | CVE-2008-1033 | Permissions, Privileges, and Access Controls vulnerability in Apple Cups The scheduler in CUPS in Apple Mac OS X 10.5 before 10.5.3, when debug logging is enabled and a printer requires a password, allows attackers to obtain sensitive information (credentials) by reading the log data, related to "authentication environment variables." | 2.1 |
| 2008-03-18 | CVE-2008-0053 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | 10.0 |
| 2007-07-27 | CVE-2007-4045 | The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | 5.0 |
| 2004-12-31 | CVE-2004-2154 | Improper Handling of Case Sensitivity vulnerability in multiple products CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | 9.8 |
| 2002-12-26 | CVE-2002-1372 | Unchecked Return Value vulnerability in multiple products Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta. | 7.5 |