Debian Cups vulnerabilities

133 known vulnerabilities affecting debian/cups.

Total CVEs: 133
CISA KEV: 0
Public exploits: 16
Exploited in wild: 0
Severity breakdown: CRITICAL 13, HIGH 27, MEDIUM 56, LOW 37

Vulnerabilities

Page 2 of 7
CVE-2020-10001 | MEDIUM | CVSS 5.5 | fixed in cups 2.3.3op2-1 (bookworm) | 2020 | debian
[MEDIUM] cups - An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to read restricted memory. Scope: local. bookworm: resolved (fixed in 2.3.3op2-1); bullseye: resolved (fixed in 2.3.3op2-1); forky: resolved (fixed in 2.3
CVE-2019-8696 | HIGH | CVSS 8.8 | fixed in cups 2.2.12-1 (bookworm) | 2019 | debian
[HIGH] cups - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. Scope: local. bookworm: resolved (fixed in 2.2.12-1); bullseye: resolved (fixed in 2.2.12-1); forky: resolv
CVE-2019-8675 | HIGH | CVSS 8.8 | fixed in cups 2.2.12-1 (bookworm) | 2019 | debian
[HIGH] cups - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. Scope: local. bookworm: resolved (fixed in 2.2.12-1); bullseye: resolved (fixed in 2.2.12-1); forky: resolv
CVE-2019-2228 | MEDIUM | CVSS 5.5 | fixed in cups 2.3.1-1 (bookworm) | 2019 | debian
[MEDIUM] cups - In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-111210196. Scope: loca
CVE-2019-2180 | MEDIUM | CVSS 5.5 | fixed in cups 2.2.12-1 (bookworm) | 2019 | debian
[MEDIUM] cups - In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation. Scope: local. bookworm: resolved (fixed in 2.2.12-1); bullseye: resolved (fi
CVE-2019-8842 | LOW | CVSS 3.3 | fixed in cups 2.3.1-12 (bookworm) | 2019 | debian
[LOW] cups - A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs. Scope: local. bookworm: resolved (fixed in 2.3.1-12); bullseye: resolved (fixed in 2.3.1-12); forky: re
CVE-2018-4180 | HIGH | CVSS 7.8 | fixed in cups 2.2.8-2 (bookworm) | 2018 | debian
[HIGH] cups - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. Scope: local. bookworm: resolved (fixed in 2.2.8-2); bullseye: resolved (fixed in 2.2.8-2); forky: resolved (fixed in 2.2.8-2); sid: resolved (fixed in 2.2.8-2); trixie: resolved (fixed in 2.2.8-2)
CVE-2018-6553 | HIGH | CVSS 8.8 | fixed in cups 2.2.8-5 (bookworm) | 2018 | debian
[HIGH] cups - The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 L
CVE-2018-4300 | MEDIUM | CVSS 5.9 | fixed in cups 2.2.10-1 (bookworm) | 2018 | debian
[MEDIUM] cups - The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10. Scope: local. bookworm: resolved (fixed in 2.2.10-1); bullseye: resolved (fixed in 2.2.10-1); forky: resolved (fixed in 2.2.10-1); sid: resolved (fixed
CVE-2018-4181 | MEDIUM | CVSS 5.5 | fixed in cups 2.2.8-2 (bookworm) | 2018 | debian
[MEDIUM] cups - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. Scope: local. bookworm: resolved (fixed in 2.2.8-2); bullseye: resolved (fixed in 2.2.8-2); forky: resolved (fixed in 2.2.8-2); sid: resolved (fixed in 2.2.8-2); trixie: resolved (fixed in 2.2.8-2)
CVE-2018-4183 | LOW | CVSS 8.2 | 2018 | debian
[HIGH] cups - In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2018-4182 | LOW | CVSS 8.2 | 2018 | debian
[HIGH] cups - In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
CVE-2017-18190 | HIGH | CVSS 7.5 | fixed in cups 2.2.3-2 (bookworm) | 2017 | debian
[HIGH] cups - A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that
CVE-2017-15400 | HIGH | CVSS 7.8 | fixed in cups 2.2.3-2 (bookworm) | 2017 | debian
[HIGH] cups - Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. Scope: local. bookworm: resolved (fixed in 2.2.3-2); bullseye: resolved (fixed in 2.2.3-2); forky: resolved (fixed in 2.2.3-2); sid:
CVE-2017-18248 | MEDIUM | CVSS 5.3 | fixed in cups 2.2.6-1 (bookworm) | 2017 | debian
[MEDIUM] cups - The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. Scope: local. bookworm: resolved (fixed in 2.2.6-1); bullseye: resolved (fixed in 2.2.6-1); forky: resolved (fixed in 2.2.6-1); sid: resolved (fixed in 2.2.6-1); tri
CVE-2015-1158 | CRITICAL | CVSS 10.0 | PoC | fixed in cups 1.7.5-12 (bookworm) | 2015 | debian
[CRITICAL] cups - The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and c
CVE-2015-3279 | HIGH | CVSS 7.5 | fixed in cups 1.5.0-16 (bookworm) | 2015 | debian
[HIGH] cups - Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fi
CVE-2015-3258 | HIGH | CVSS 7.5 | fixed in cups 1.5.0-16 (bookworm) | 2015 | debian
[HIGH] cups - Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job. Scope: local. bookworm: resolved (fixed in 1.5.0-16); bullseye: resolved (fixed in 1.5.0-16); forky: resolved (fixed in 1.
CVE-2015-1159 | MEDIUM | CVSS 4.3 | PoC | fixed in cups 1.7.5-12 (bookworm) | 2015 | debian
[MEDIUM] cups - Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. Scope: local. bookworm: resolved (fixed in 1.7.5-12); bullseye: resolved (fixed in 1.7.5-12); forky: resolved (fixed in 1.7.5-12); sid: resolved (
CVE-2015-2305 | LOW | CVSS 6.8 | fixed in clamav 0.98.7+dfsg-1 (bookworm) | 2015 | debian
[MEDIUM] alpine - Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. Scope: local. bookworm: resolved; bullseye: