CVE-2007-4351 — Code Injection in Cups

CWE-189 CWE-94 — Code Injection13 documents9 sources

Severity

10.0CRITICALNVD

EPSS

23.7%

top 4.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Cups Cups

Timeline

PublishedOct 31

Latest updateMay 1

Description

Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶Debianapple/cups< 1.3.4-1+3

▶NVDcups/cups1.3.3

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-r79v-84jh-ff36: Off-by-one error in the ippReadIO function in cups/ipp↗2022-05-01

▶

OSV

CVE-2007-4351: Off-by-one error in the ippReadIO function in cups/ipp↗2007-10-31

▶

CVEList

CVE-2007-4351: Off-by-one error in the ippReadIO function in cups/ipp↗2007-10-31

▶

📋Vendor Advisories

Ubuntu

CUPS vulnerability↗2007-11-06

▶

Red Hat

cups boundary error↗2007-10-31

▶

Cisco

Common UNIX Printing System IPP Tags Memory Corruption Vulnerability↗2007-10-31

▶

Debian

CVE-2007-4351: cups - Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows re...↗2007

▶

💬Community

Bugzilla

CVE-2007-4351 cups boundary error [F7]↗2007-11-01

▶

Bugzilla

CVE-2007-4351 cups boundary error [Fdevel]↗2007-11-01

▶

Bugzilla

CVE-2007-4351 cups boundary error [FC6]↗2007-11-01

▶

Bugzilla

CVE-2007-4351 cups boundary error [F8]↗2007-11-01

▶

Bugzilla

CVE-2007-4351 cups boundary error↗2007-10-22

▶