Vulnerabilities > Easy Software Products > Cups > 1.1.17

DATE CVE VULNERABILITY TITLE RISK
2008-02-26 CVE-2008-0597 Resource Management Errors vulnerability in Easy Software products Cups 1.1.17/1.1.22
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.
network
low complexity
redhat easy-software-products CWE-399
5.0
2005-09-13 CVE-2005-2874 Unspecified vulnerability in Easy Software products Cups
The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.
network
low complexity
easy-software-products
5.0
2005-04-27 CVE-2005-0206 Integer Overflow vulnerability in Xpdf PDFTOPS
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
7.5
2005-01-27 CVE-2004-0927 Multiple Security vulnerability in Apple Mac OS X
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
network
low complexity
easy-software-products apple
5.0
2005-01-27 CVE-2004-0926 Multiple Security vulnerability in Apple Mac OS X
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
network
low complexity
easy-software-products apple
critical
10.0
2005-01-27 CVE-2004-0924 Multiple Security vulnerability in Apple Mac OS X
NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not.
network
low complexity
easy-software-products apple
5.0
2005-01-27 CVE-2004-0923 Local Password Disclosure vulnerability in CUPS Error_Log
CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords.
local
low complexity
easy-software-products apple
2.1
2005-01-27 CVE-2004-0889 Integer Overflow vulnerability in Xpdf PDFTOPS
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
10.0
2005-01-27 CVE-2004-0888 Integer Overflow vulnerability in Xpdf PDFTOPS
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
10.0
2005-01-10 CVE-2004-1270 lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
local
low complexity
easy-software-products redhat
2.1