|
|
Subscribe / Log in / New account

cups: multiple vulnerabilities

Package(s):cups CVE #(s):CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183
Created:April 17, 2009 Updated:August 18, 2010
Description: From the Red Hat advisory:

Multiple buffer overflow flaws were found in the CUPS JBIG2 decoder. An attacker could create a malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-0146, CVE-2009-1182)

Multiple integer overflow flaws were found in the CUPS JBIG2 decoder. An attacker could create a malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-0147, CVE-2009-1179)

Multiple flaws were found in the CUPS JBIG2 decoder that could lead to the freeing of arbitrary memory. An attacker could create a malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-0166, CVE-2009-1180)

Multiple denial of service flaws were found in the CUPS JBIG2 decoder. An attacker could create a malicious PDF file that would cause CUPS to crash when printed. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)

Multiple input validation flaws were found in the CUPS JBIG2 decoder. An attacker could create a malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-0800)

Alerts:
Gentoo 201310-03 poppler 2013-10-06
Mandriva MDVSA-2011:175 poppler 2011-11-15
Ubuntu USN-973-1 koffice 2010-08-17
CentOS CESA-2010:0400 tetex 2010-05-28
Mandriva MDVSA-2010:096 tetex 2010-05-17
CentOS CESA-2010:0399 tetex 2010-05-08
Red Hat RHSA-2010:0400-01 tetex 2010-05-06
Red Hat RHSA-2010:0399-01 tetex 2010-05-06
Mandriva MDVSA-2010:087 poppler 2010-04-29
Mandriva MDVSA-2010:055 poppler 2010-03-04
Mandriva MDVSA-2009:346 kde 2009-12-29
Mandriva MDVSA-2009:331 kdegraphics 2009-12-10
Mandriva MDVSA-2009:282-1 cups 2009-12-07
Mandriva MDVSA-2009:283 cups 2009-10-19
Mandriva MDVSA-2009:282 cups 2009-10-19
Fedora FEDORA-2009-10694 xpdf 2009-10-21
Mandriva MDVSA-2009:281 cups 2009-10-19
Fedora FEDORA-2009-6972 poppler 2009-06-27
SuSE SUSE-SR:2009:012 optipng, cups, quagga, pango, strongswan, perl-DBD-Pg, irssi, openssl/libopenssl-devel, net-snmp, ImageMagick/GraphicsMagick, perl, ipsec-tools/novell-ipsec-tools, poppler/libpoppler3/libpoppler4, yast2-ldap-server, tomcat6, gstreamer-plugins/gstreamer010-plugins-bad, apache2-mod_php5 2009-07-03
Fedora FEDORA-2009-6973 poppler 2009-06-27
Fedora FEDORA-2009-6982 poppler 2009-06-27
CentOS CESA-2009:0431 kdegraphics 2009-05-19
CentOS CESA-2009:0480 poppler 2009-05-15
Red Hat RHSA-2009:0480-01 poppler 2009-05-13
SuSE SUSE-SR:2009:010 firefox apport evolution freetype2 java_1_4_2-ibm kdegraphics3 libopenssl libsoup xulrunner opensc python-crypto unbound xpdf 2009-05-12
Slackware SSA:2009-129-01 xpdf 2009-05-11
Debian DSA-1793-1 kdegraphics 2009-05-06
Debian DSA-1790-1 xpdf 2009-05-05
CentOS CESA-2009:0458 gpdf 2009-05-03
Red Hat RHSA-2009:0458-01 gpdf 2009-04-30
Fedora FEDORA-2009-3753 cups 2009-04-21
Fedora FEDORA-2009-3769 cups 2009-04-21
rPath rPSA-2009-0059-1 poppler 2009-04-17
Red Hat RHSA-2009:0429-01 cups 2009-04-16
Gentoo 200904-20 cups 2009-04-23
SuSE SUSE-SA:2009:024 cups 2009-04-22
Fedora FEDORA-2009-3820 xpdf 2009-04-21
Fedora FEDORA-2009-3794 xpdf 2009-04-21
CentOS CESA-2009:0429 cups 2009-04-20
CentOS CESA-2009:0430 xpdf 2009-04-20
Ubuntu USN-759-1 poppler 2009-04-16
rPath rPSA-2009-0061-1 cups 2009-04-17
Red Hat RHSA-2009:0431-01 kdegraphics 2009-04-16
Red Hat RHSA-2009:0430-01 xpdf 2009-04-16
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds