Red Hat Security Advisory 2015-2360-01 - The cups-filters packages contain back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. A heap-based buffer overflow flaw and an integer overflow flaw leading to a heap-based buffer overflow were discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker able to submit print jobs could use these flaws to crash texttopdf or, possibly, execute arbitrary code with the privileges of the "lp" user.
1e2a6d802503add8b7fba3cda011eb13d52730a51fb791e23c5b1a617c7b18ffGentoo Linux Security Advisory 201510-8 - Multiple vulnerabilities have been found in cups-filters, the worst of which could lead to arbitrary code execution. Versions less than 1.0.71 are affected.
041e6a048891992ba3f2bb942be02df0e975338e5a91443a7651927b9952486cDebian Linux Security Advisory 3303-1 - It was discovered that the texttopdf utility, part of cups-filters, was susceptible to multiple heap-based buffer overflows due to improper handling of print jobs with a specially crafted line size. This could allow remote attackers to crash texttopdf or possibly execute arbitrary code.
c4cda9b519e70e14626d7d44c19ba37e1eff42e47edb6f66dae560941f93ea98Ubuntu Security Notice 2659-1 - Petr Sklenar discovered that the cups-filters texttopdf filter incorrectly handled line sizes. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code as the lp user.
69baf8ce8f3602fbe6159e75fb0d1f5afd1b81cdb94fdc462f57cdb4eac39fc7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed