A heap-based buffer overflow was discovered in in libcups"s ppdFindOption function in ppd-mark.c:430. The issue can be reproduced by loading a crafted ppd file and calling the ppdMarkDefaults libcups API function. Fixed In Version: cups 2.3.3