Vulnerabilities > Easy Software Products > High

DATE CVE VULNERABILITY TITLE RISK
2005-04-27 CVE-2005-0206 Integer Overflow vulnerability in Xpdf PDFTOPS
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. 		7.5
7.5
2003-01-02 CVE-2002-1384 Integer Overflow vulnerability in Xpdf/CUPS pdftops
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
local
low complexity
easy-software-products xpdf
7.2
7.2
2002-12-26 CVE-2002-1371 filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
network
low complexity
easy-software-products apple
7.5
7.5
2002-12-26 CVE-2002-1368 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding.
network
low complexity
easy-software-products apple
7.5
7.5
2002-03-08 CVE-2002-0063 Buffer Overflow vulnerability in Common Unix Printing System Attribute Name
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
network
low complexity
easy-software-products
7.5
7.5
2001-05-10 CVE-2001-1332 Remote Security vulnerability in CUPS
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
network
low complexity
easy-software-products
7.5
7.5