CVE Vulnerabilities

CVE-2007-5849

Published: Dec 19, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.5.1 (including) 10.5.1 (including)
Cupsys Ubuntu dapper *
Cupsys Ubuntu edgy *
Cupsys Ubuntu feisty *
Cupsys Ubuntu gutsy *
Cupsys Ubuntu upstream *

References