DSA-1530 cupsys -- Several vulnerabilitiesID: oval:org.mitre.oval:def:7966 | Date: (C)2009-12-15 (M)2021-06-02 |
Class: PATCH | Family: unix |
Several local/remote vulnerabilities have been discovered in cupsys, the Common Unix Printing System. The Common Vulnerabilities and Exposures project identifies the following problems: Heap-based buffer overflow in CUPS, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly the execution of arbitrary code via crafted packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer.