Vulnerabilities > Cups
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-10 | CVE-2018-6553 | The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. | 4.6 |
2018-01-12 | CVE-2014-8166 | Improper Input Validation vulnerability in Cups The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name. | 5.1 |
2015-06-26 | CVE-2015-1159 | Cross-site Scripting vulnerability in Cups Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. | 4.3 |
2015-06-26 | CVE-2015-1158 | 7PK - Security Features vulnerability in Cups The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code. | 10.0 |
2008-04-10 | CVE-2008-1722 | Improper Input Validation vulnerability in Cups 1.3 Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. | 4.3 |
2008-03-18 | CVE-2008-0047 | Buffer Errors vulnerability in Cups 1.3.5 Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | 9.3 |
2008-02-21 | CVE-2008-0882 | Buffer Errors vulnerability in Cups 1.3.5 Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. | 10.0 |
2007-10-31 | CVE-2007-4351 | Numeric Errors vulnerability in Cups Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | 10.0 |
2007-03-13 | CVE-2007-0720 | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | 5.0 |
2005-12-31 | CVE-2005-4873 | Buffer Errors vulnerability in Cups 1.1.23 Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c. | 7.5 |