Debian Cups-Filters vulnerabilities

21 known vulnerabilities affecting debian/cups-filters.

Total CVEs: 21
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: HIGH 10, MEDIUM 8, LOW 3

Vulnerabilities

Page 1 of 2
CVE-2025-64503 | MEDIUM | CVSS 4.0 | fixed in cups-filters 1.28.17-3+deb12u2 (bookworm) | 2025
CVE-2025-64503: cups-filters - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macOS. In cups-filters prior to 1.28.18, by crafting a PDF file with a large `MediaBox` value, an attacker can cause CUPS-Filter 1.x’s `pdftoraster` tool to write beyond the bounds of an array. First, a PDF with a large
debian
CVE-2025-64524 | LOW | CVSS 3.3 | fixed in cups-filters 1.28.17-3+deb12u2 (bookworm) | 2025
CVE-2025-64524: cups-filters - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macOS. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault when processing maliciously crafted input data. This issue can be ex
debian
CVE-2025-57812 | LOW | CVSS 3.7 | fixed in cups-filters 1.28.17-3+deb12u2 (bookworm) | 2025
CVE-2025-57812: cups-filters - CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and including 1.28.17 and libcupsfilters versions 2.0.0 through 2.1.1, CUPS-Filters'
debian
CVE-2024-47176 | HIGH | CVSS 8.6 | PoC | fixed in cups-filters 1.28.17-3+deb12u1 (bookworm) | 2024
CVE-2024-47176: cups-filters - CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker cont
debian
CVE-2024-47076 | HIGH | CVSS 8.6 | PoC | fixed in cups-filters 1.28.17-3+deb12u1 (bookworm) | 2024
CVE-2024-47076: cups-filters - CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP se
debian
CVE-2024-47850 | MEDIUM | CVSS 5.3 | 2024
CVE-2024-47850: cups-filters - CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. (The request is meant to probe the new printer but can be used to create DDoS amplification attacks.) Scope: local. bookworm: open; bullseye: op
debian
CVE-2023-24805 | HIGH | CVSS 8.8 | fixed in cups-filters 1.28.17-3 (bookworm) | 2023
CVE-2023-24805: cups-filters - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macOS. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which call
debian
CVE-2015-8560 | HIGH | CVSS 7.5 | fixed in cups-filters 1.4.0-1 (bookworm) | 2015
CVE-2015-8560: cups-filters - Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327. Scope: local. bookworm: resolved (fixed in 1.4.0-1); bullseye: resolved (fixed in
debian
CVE-2015-8327 | HIGH | CVSS 7.5 | fixed in cups-filters 1.2.0-1 (bookworm) | 2015
CVE-2015-8327: cups-filters - Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job. Scope: local. bookworm: resolved (fixed in 1.2.0-1); bullseye: resolved (fixed in 1.2.0-1); forky: resolved (fixed in 1.2.0-1); sid:
debian
CVE-2015-3279 | HIGH | CVSS 7.5 | fixed in cups 1.5.0-16 (bookworm) | 2015
CVE-2015-3279: cups - Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fi
debian
CVE-2015-2265 | HIGH | CVSS 8.3 | fixed in cups-filters 1.0.61-5 (bookworm) | 2015
CVE-2015-2265: cups-filters - The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. Scope: local. bookworm: resolved (fixed in 1.0.61-5); bullseye: resolved (fixed
debian
CVE-2015-3258 | HIGH | CVSS 7.5 | fixed in cups 1.5.0-16 (bookworm) | 2015
CVE-2015-3258: cups - Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fixed in 1.
debian
CVE-2014-4336 | HIGH | CVSS 8.3 | fixed in cups-filters 1.0.53-1 (bookworm) | 2014
CVE-2014-4336: cups-filters - The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. Scope: local. bookworm: resolved (fixed in 1.0.53-1); bullseye: resolved (fixed in
debian
CVE-2014-2707 | HIGH | CVSS 8.3 | fixed in cups-filters 1.0.51-1 (bookworm) | 2014
CVE-2014-2707: cups-filters - cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues." Scope: local. bookworm: resolved (fixed in 1.0.51-1); bullseye: resolved (fixed in 1.0.51-1); forky: resolved (fixed in 1.0.51-1); sid: resolved (
debian
CVE-2014-4337 | MEDIUM | CVSS 4.3 | fixed in cups-filters 1.0.53-1 (bookworm) | 2014
CVE-2014-4337: cups-filters - The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data. Scope: local. bookworm: resolved (fixed in 1.0.53-1); bullseye: resolved (fixed in 1.0.53-1); forky: resolved (fixed in 1.0.53-1); sid: resolve
debian
CVE-2014-4338 | MEDIUM | CVSS 4.0 | fixed in cups-filters 1.0.53-1 (bookworm) | 2014
CVE-2014-4338: cups-filters - cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses. Scope: local. bookworm: resolved (fixed in 1.0.53-1); bullseye: resolved (fixed in 1.0.53-1); fo
debian
CVE-2013-6475 | MEDIUM | CVSS 6.8 | fixed in cups 1.5.0-16 (bookworm) | 2013
CVE-2013-6475: cups - Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fi
debian
CVE-2013-6474 | MEDIUM | CVSS 6.8 | fixed in cups 1.5.0-16 (bookworm) | 2013
CVE-2013-6474: cups - Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fixed in 1.5.0-16); sid: resolved (fixed in 1.5.0-16); trixie: resolved (fixed in 1.5.0-16)
debian
CVE-2013-6476 | MEDIUM | CVSS 4.4 | fixed in cups 1.5.0-16 (bookworm) | 2013
CVE-2013-6476: cups - The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fixed in 1.5.0-16); sid: resolved (fi
debian
CVE-2013-6473 | MEDIUM | CVSS 6.8 | fixed in cups-filters 1.0.47-1 (bookworm) | 2013
CVE-2013-6473: cups-filters - Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file. Scope: local. bookworm: resolved (fixed in 1.0.47-1); bullseye: resolved (fixed in 1.0.47-1); forky: resolved (fixed in 1.0.47-1); sid: resolved (fixed in 1.0.47-1); trixie:
debian