CUPS IPP Use-After-Free Denial Of Service Vulnerability Network Vulnerability

Summary

This host is running CUPS and is prone to Denial of Service vulnerability.

Impact

Successful exploitation will let the remote unauthenticated attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. Impact Level: Application

Solution

Upgrade to 1.4.5 or above, For updates refer to http://www.cups.org/software.php

Insight

The flaw is caused by improper allocation of memory for attribute values with invalid string data type.

Affected

CUPS 1.4.4 and prior

References

http://xforce.iss.net/xforce/xfdb/62882
https://bugzilla.redhat.com/show_bug.cgi?id=624438

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2941

CVSS	Base Score: 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Foxit Reader Multiple Denial of Service Vulnerabilities - Jun09
BulletProof FTP Client '.bps' File Buffer Overflow Vulnerability
Abyss httpd crash
ClamAV Multiple Vulnerabilities (Win)
Allegro Software RomPager 2.10 Denial of Service

CUPS IPP Use-After-Free Denial of Service Vulnerability

Take action and discover your vulnerabilities