Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mac_os_x | Apple | 10.5.1 (including) | 10.5.1 (including) |