CVE-2009-1196

CWE-3997 documents7 sources
Severity
5.0MEDIUM
EPSS
1.2%
top 21.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Cups
Timeline
PublishedJun 9
Latest updateMay 2

Description

The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debiancups< 1.1.99.b1.r4748-1+3
NVDapple/cups1.1.17, 1.1.22+1

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-f338-5f7m-892w: The directory-services functionality in the scheduler in CUPS 12022-05-02
CVEList
CVE-2009-1196: The directory-services functionality in the scheduler in CUPS 12009-06-09
OSV
CVE-2009-1196: The directory-services functionality in the scheduler in CUPS 12009-06-09

📋Vendor Advisories

2
Red Hat
cups: DoS (stop, crash) by renewing CUPS browse packets2009-06-02
Debian
CVE-2009-1196: cups - The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 ...2009

💬Community

1
Bugzilla
CVE-2009-1196 cups: DoS (stop, crash) by renewing CUPS browse packets2009-04-22
CVE-2009-1196 (MEDIUM CVSS 5) | The directory-services functionalit | cvebase.io