CVE-2008-1374Integer Overflow or Wraparound in Apple Cups

CWE-190Integer Overflow or Wraparound8 documents7 sources
Severity
6.8MEDIUMNVD
CNA10.0
EPSS
2.3%
top 15.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Cups
Timeline
PublishedApr 4
Latest updateMay 1

Description

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDapple/cups1.3.11

🔴Vulnerability Details

2
GHSA
GHSA-3qp4-8w7m-xx2g: Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute a2022-05-01
CVEList
CVE-2008-1374: Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute a2008-04-04

💥Exploits & PoCs

1
Exploit-DB
AdMan 1.0.20051221 - 'ViewStatement.php' SQL Injection2003-03-23

📋Vendor Advisories

2
Red Hat
cups: incomplete fix for CVE-2004-0888 / CVE-2005-02062008-04-01
Debian
CVE-2008-1374: cups - Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, ...2008

💬Community

2
Bugzilla
CVE-2009-1376 CVE-2009-1373 CVE-2009-1374 CVE-2009-1375 Multiple pidgin vulnerabilities2009-05-26
Bugzilla
CVE-2008-1374 cups: incomplete fix for CVE-2004-0888 / CVE-2005-02062008-03-20
CVE-2008-1374 — Integer Overflow or Wraparound in Apple | cvebase