ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
21 Nov 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox - Broken Link | |
References | () http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html - Mailing List | |
References | () http://rhn.redhat.com/errata/RHSA-2010-0811.html - Third Party Advisory | |
References | () http://secunia.com/advisories/42287 - Broken Link | |
References | () http://secunia.com/advisories/42867 - Broken Link | |
References | () http://secunia.com/advisories/43521 - Broken Link | |
References | () http://security.gentoo.org/glsa/glsa-201207-10.xml - Third Party Advisory | |
References | () http://securitytracker.com/id?1024662 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 - Broken Link | |
References | () http://support.apple.com/kb/HT4435 - Broken Link | |
References | () http://www.debian.org/security/2011/dsa-2176 - Mailing List, Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 - Broken Link | |
References | () http://www.osvdb.org/68951 - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2010-0866.html - Broken Link | |
References | () http://www.securityfocus.com/bid/44530 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-1012-1 - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2010/2856 - Broken Link, Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2010/3042 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/3088 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0061 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0535 - Broken Link | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=624438 - Issue Tracking, Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 - Third Party Advisory, VDB Entry |
02 Feb 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 9.8 |
First Time |
Suse linux Enterprise
Canonical ubuntu Linux Redhat enterprise Linux Desktop Opensuse Suse linux Enterprise Server Opensuse opensuse Redhat enterprise Linux Server Fedoraproject Debian Redhat enterprise Linux Redhat enterprise Linux Workstation Canonical Fedoraproject fedora Apple mac Os X Server Apple mac Os X Redhat Suse Debian debian Linux |
|
References | () http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox - Broken Link | |
References | () http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html - Mailing List | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html - Mailing List | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html - Mailing List | |
References | () http://rhn.redhat.com/errata/RHSA-2010-0811.html - Third Party Advisory | |
References | () http://secunia.com/advisories/42287 - Broken Link | |
References | () http://secunia.com/advisories/42867 - Broken Link | |
References | () http://secunia.com/advisories/43521 - Broken Link | |
References | () http://security.gentoo.org/glsa/glsa-201207-10.xml - Third Party Advisory | |
References | () http://securitytracker.com/id?1024662 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 - Broken Link | |
References | () http://support.apple.com/kb/HT4435 - Broken Link | |
References | () http://www.debian.org/security/2011/dsa-2176 - Mailing List, Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 - Broken Link | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 - Broken Link | |
References | () http://www.osvdb.org/68951 - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2010-0866.html - Broken Link | |
References | () http://www.securityfocus.com/bid/44530 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-1012-1 - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2010/2856 - Broken Link, Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2010/3042 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/3088 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0061 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2011/0535 - Broken Link | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=624438 - Issue Tracking, Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4:b2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4:b1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.4:b3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* |
CWE | CWE-416 |
Information
Published : 2010-11-05 17:00
Updated : 2025-04-11 00:51
NVD link : CVE-2010-2941
Mitre link : CVE-2010-2941
CVE.ORG link : CVE-2010-2941
JSON object : View
Products Affected
debian
- debian_linux
suse
- linux_enterprise
- linux_enterprise_server
redhat
- enterprise_linux_workstation
- enterprise_linux
- enterprise_linux_server
- enterprise_linux_desktop
fedoraproject
- fedora
apple
- mac_os_x_server
- mac_os_x
- cups
opensuse
- opensuse
canonical
- ubuntu_linux
CWE
CWE-416
Use After Free