CVE-2005-4873Improper Restriction of Operations within the Bounds of a Memory Buffer in Cups

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
7.5HIGHNVD
EPSS
1.1%
top 21.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple CupsCups
Timeline
PublishedDec 31
Latest updateMay 1

Description

Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianapple/cups< 1.1.23-10sarge1+3
NVDcups/cups1.1.23

🔴Vulnerability Details

3
GHSA
GHSA-7c52-ww2j-7v63: Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 12022-05-01
CVEList
CVE-2005-4873: Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 12008-03-24
OSV
CVE-2005-4873: Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 12005-12-31

📋Vendor Advisories

1
Debian
CVE-2005-4873: cups - Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23r...2005
CVE-2005-4873 — Cups vulnerability | cvebase