CVE-2013-6473Improper Restriction of Operations within the Bounds of a Memory Buffer in Cups-filters

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources
Severity
6.8MEDIUMNVD
EPSS
13.7%
top 5.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linuxfoundation Cups-filtersCanonical Ubuntu Linux
Timeline
PublishedMar 14
Latest updateMay 17

Description

Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Debianlinuxfoundation/cups-filters< 1.0.47-1+3
NVDlinuxfoundation/cups-filters22 versions+21

Also affects: Ubuntu Linux 13.10

Patches

Patch: bzr.linuxfoundation.orgPatch: bzr.linuxfoundation.org

🔴Vulnerability Details

3
GHSA
GHSA-8gv8-v2jg-r2xw: Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 12022-05-17
CVEList
CVE-2013-6473: Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 12014-03-14
OSV
CVE-2013-6473: Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 12014-03-14

📋Vendor Advisories

2
Ubuntu
cups-filters vulnerabilities2014-03-12
Debian
CVE-2013-6473: cups-filters - Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0....2013

💬Community

2
Bugzilla
CVE-2013-6473 CVE-2013-6476 CVE-2013-6474 CVE-2013-6475 cups-filters: various flaws [fedora-all]2014-03-11
Bugzilla
CVE-2013-6473 cups-filters: two heap-based buffer overflow flaws in urftopdf2013-11-07
CVE-2013-6473 — Cups-filters vulnerability | cvebase