CUPS Multiple Heap Based Buffer Overflow Vulnerabilities

CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers.

Remote attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local attackers may also exploit these vulnerabilities to elevate privileges.

Successful remote exploits may require printer sharing to be enabled on the vulnerable system.

These issues affect versions prior to CUPS 1.3.9.


Privacy Statement
Copyright 2010, SecurityFocus