Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0047

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0047
Last Modified 07 Mar 2011 12:00:00
Published 18 Mar 2008 07:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0047

Summary

Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.

Vulnerable Systems

Application

  • Cups 1.3.5


References

CERT - TA08-079A

APPLE - APPLE-SA-2008-03-18

FEDORA - FEDORA-2008-2897

FEDORA - FEDORA-2008-2131

VUPEN - ADV-2008-0924

VUPEN - ADV-2008-0921

UBUNTU - USN-598-1

SECTRACK - 1019646

BID - 28307

REDHAT - RHSA-2008:0192

MANDRIVA - MDVSA-2008:081

DEBIAN - DSA-1530

GENTOO - GLSA-200804-01

SECUNIA - 29750

SECUNIA - 29655

SECUNIA - 29634

SECUNIA - 29603

SECUNIA - 29573

SECUNIA - 29485

SECUNIA - 29448

SECUNIA - 29431

SECUNIA - 29420

SUSE - SUSE-SA:2008:015

IDEFENSE - 20080318 Multiple Vendor CUPS CGI Heap Overflow Vulnerability

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:39