Debian Security Advisory DSA 2875-1 (cups-filters - Security Update) Network Vulnerability

Summary

Florian Weimer of the Red Hat Product Security Team discovered multiple vulnerabilities in the pdftoopvp CUPS filter, which could result in the execution of aribitrary code if a malformed PDF file is processed.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 1.0.18-2.1+deb7u1. For the unstable distribution (sid), these problems have been fixed in version 1.0.47-1. We recommend that you upgrade your cups-filters packages.

Insight

This package provides additional CUPS filters which are not provided by the CUPS project itself. This includes filters for a PDF based printing workflow.

Affected

cups-filters on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2014/dsa-2875.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6474, CVE-2013-6475, CVE-2013-6476

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 037-1 (nextaw, xaw3d, xaw95)
Debian Security Advisory DSA 068-1 (openldap)
Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 1148-1 (gallery)
Debian Security Advisory DSA 1022-1 (storebackup)

Debian Security Advisory DSA 2875-1 (cups-filters - security update)

Take action and discover your vulnerabilities