CUPS is prone to a NULL-pointer dereference vulnerability. Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts likely cause denial-of-service conditions. CUPS versions prior to 1.4.4 are affected.

Updates are available. Please see the references for more information.

• http://cups.org/articles.php?L596
• http://cups.org/str.php?L3516
• http://www.cups.org
• https://www.securityfocus.com/bid/40943

---

Updated on 2015-03-25