Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1384

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-1384
Last Modified 10 Sep 2008 03:14:27
Published 02 Jan 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-1384

Summary

Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.

Vulnerable Systems

Application

  • Easy Software Products Cups 1.0.4

  • Easy Software Products Cups 1.0.4 8

  • Easy Software Products Cups 1.1.1

  • Easy Software Products Cups 1.1.10

  • Easy Software Products Cups 1.1.13

  • Easy Software Products Cups 1.1.14

  • Easy Software Products Cups 1.1.17

  • Easy Software Products Cups 1.1.4

  • Easy Software Products Cups 1.1.4 2

  • Easy Software Products Cups 1.1.4 3

  • Easy Software Products Cups 1.1.4 5

  • Easy Software Products Cups 1.1.6

  • Easy Software Products Cups 1.1.7

  • Xpdf 0.90

  • Xpdf 0.91

  • Xpdf 1.0

  • Xpdf 1.0a

  • Xpdf 1.1

  • Xpdf 2.0

  • Xpdf 2.1


References

MISC - http://www.idefense.com/advisory/12.23.02.txt

GENTOO - GLSA-200301-1

XF - pdftops-integer-overflow(10937)

BID - 6475

REDHAT - RHSA-2003:216

REDHAT - RHSA-2003:037

REDHAT - RHSA-2002:307

REDHAT - RHSA-2002:295

SUSE - SUSE-SA:2003:002

MANDRAKE - MDKSA-2003:002

MANDRAKE - MDKSA-2003:001

DEBIAN - DSA-232

DEBIAN - DSA-226

DEBIAN - DSA-222


Last Updated: 27 May 2016 10:37:18