CVE-2013-6474Improper Restriction of Operations within the Bounds of a Memory Buffer in Cups-filters

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents7 sources
Severity
6.8MEDIUMNVD
EPSS
20.8%
top 4.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple CupsLinuxfoundation Cups-filtersCanonical Ubuntu Linux
Timeline
PublishedMar 14
Latest updateMay 17

Description

Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

Debianlinuxfoundation/cups-filters< 1.0.47-1+3
Debianapple/cups< 1.5.0-16+3

Also affects: Ubuntu Linux 10.04, 12.04, 12.10, 13.10

Patches

Patch: bzr.linuxfoundation.orgPatch: bzr.linuxfoundation.org

🔴Vulnerability Details

3
GHSA
GHSA-crfj-g9h4-8jc8: Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 12022-05-17
OSV
CVE-2013-6474: Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 12014-03-14
CVEList
CVE-2013-6474: Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 12014-03-14

📋Vendor Advisories

3
Ubuntu
CUPS vulnerabilities2014-03-12
Ubuntu
cups-filters vulnerabilities2014-03-12
Debian
CVE-2013-6474: cups - Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters befo...2013

💬Community

2
Bugzilla
CVE-2013-6473 CVE-2013-6476 CVE-2013-6474 CVE-2013-6475 cups-filters: various flaws [fedora-all]2014-03-11
Bugzilla
CVE-2013-6474 cups-filters: heap-based buffer overflow flaw in pdftoopvp2013-11-07
CVE-2013-6474 — Cups-filters vulnerability | cvebase