VYPR

Cups

by Openprinting

Source repositories

CVEs (96)

  • CVE-2009-1183Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.

  • CVE-2009-1181Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.

  • CVE-2009-1180Apr 23, 2009
    risk 0.00cvss epss 0.05

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.

  • CVE-2009-1179Apr 23, 2009
    risk 0.00cvss epss 0.06

    Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2009-0800Apr 23, 2009
    risk 0.00cvss epss 0.05

    Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2009-0799Apr 23, 2009
    risk 0.00cvss epss 0.04

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.

  • CVE-2009-0195Apr 23, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.

  • CVE-2009-0166Apr 23, 2009
    risk 0.00cvss epss 0.02

    The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.

  • CVE-2009-0163Apr 23, 2009
    risk 0.00cvss epss 0.04

    Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function…

  • CVE-2009-0147Apr 23, 2009
    risk 0.00cvss epss 0.03

    Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)…

  • CVE-2009-0146Apr 23, 2009
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2)…

  • CVE-2008-5286Dec 1, 2008
    risk 0.00cvss epss 0.04

    Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.

  • CVE-2008-5184Nov 21, 2008
    risk 0.00cvss epss 0.04

    The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription…

  • CVE-2008-3640Oct 14, 2008
    risk 0.00cvss epss 0.05

    Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.

  • CVE-2008-3639Oct 14, 2008
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.

  • CVE-2008-1722Apr 10, 2008
    risk 0.00cvss epss 0.02

    Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.

  • CVE-2008-1373Apr 4, 2008
    risk 0.00cvss epss 0.02

    Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

  • CVE-2008-0597Feb 26, 2008
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.

  • CVE-2008-0596Feb 26, 2008
    risk 0.00cvss epss 0.02

    Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.

  • CVE-2008-0882Feb 21, 2008
    risk 0.00cvss epss 0.06

    Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation…

Page 4 of 5