Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4351

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4351
Last Modified 07 Mar 2011 09:58:25
Published 31 Oct 2007 06:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4351

Summary

Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

Vulnerable Systems

Application

  • Cups 1.3.3


References

CERT - TA07-352A

CERT-VN - VU#446897

SECUNIA - 27233

FEDORA - FEDORA-2007-2715

CONFIRM - https://issues.rpath.com/browse/RPL-1875

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=361661

XF - cups-ippreadio-bo(38190)

VUPEN - ADV-2008-1934

VUPEN - ADV-2007-4238

VUPEN - ADV-2007-3681

UBUNTU - USN-539-1

SECTRACK - 1018879

BID - 26268

REDHAT - RHSA-2007:1023

REDHAT - RHSA-2007:1022

REDHAT - RHSA-2007:1020

SUSE - SUSE-SA:2007:058

MANDRIVA - MDKSA-2007:204

DEBIAN - DSA-1407

CONFIRM - http://www.cups.org/str.php?L2561

CISCO - 20080625 Wide Area Application Services (WAAS) Common UNIX Printing System (CUPS) Vulnerability

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm

SLACKWARE - SSA:2007-305-01

GENTOO - GLSA-200711-16

MISC - http://secunia.com/secunia_research/2007-76/advisory/

SECUNIA - 30847

SECUNIA - 28136

SECUNIA - 27712

SECUNIA - 27604

SECUNIA - 27577

SECUNIA - 27540

SECUNIA - 27499

SECUNIA - 27494

SECUNIA - 27474

SECUNIA - 27447

SECUNIA - 27445

SECUNIA - 27410

APPLE - APPLE-SA-2007-12-17

CONFIRM - http://docs.info.apple.com/article.html?artnum=307179

Related Patches

Apple 2007-12-17 Security Update 2007-009 (10.4.11 PPC)

Apple 2007-12-17 Security Update 2007-009 (10.5.1)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 PPC)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.5.1)

Apple 2007-12-21 Security Update 2007-009 1.1 (10.4.11 Universal)


Last Updated: 27 May 2016 10:45:50