CVE-2008-0053 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Cups

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents9 sources

Severity

10.0CRITICALNVD

EPSS

27.6%

top 3.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Cups

Timeline

PublishedMar 18

Latest updateMay 1

Description

Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶Debianapple/cups< 1.3.6-1+3

▶NVDapple/cups1.3.5+53

Patches

Patch: lists.apple.com ↗Patch: lists.apple.com ↗

🔴Vulnerability Details

GHSA

GHSA-gwr4-m5cm-8f54: Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1↗2022-05-01

▶

CVEList

CVE-2008-0053: Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1↗2008-03-18

▶

OSV

CVE-2008-0053: Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1↗2008-03-18

▶

💥Exploits & PoCs

Exploit-DB

Qvod Player 2.1.5 - 'QvodInsert.dll' ActiveX Control Remote Buffer Overflow↗2008-01-11

▶

📋Vendor Advisories

Ubuntu

CUPS vulnerabilities↗2008-04-02

▶

Red Hat

cups: buffer overflows in HP-GL/2 filter↗2008-03-18

▶

Debian

CVE-2008-0053: cups - Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3...↗2008

▶

💬Community

Bugzilla

CVE-2008-0053 cups: buffer overflows in HP-GL/2 filter↗2008-03-19

▶