Out-of-Bounds Affecting cups package, versions <1.2.0
Threat Intelligence
EPSS
0.1% (43rd
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN9-CUPS-364505
- published 19 Dec 2007
- disclosed 19 Dec 2007
Introduced: 19 Dec 2007
CVE-2007-5848 Open this link in a new tabHow to fix?
Upgrade Debian:9 cups to version 1.2.0 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream cups package and not the cups package as distributed by Debian.
See How to fix? for Debian:9 relevant fixed versions and status.
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
References
- https://security-tracker.debian.org/tracker/CVE-2007-5848
- http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
- http://www.securityfocus.com/archive/1/485829/100/0/threaded
- http://www.us-cert.gov/cas/techalerts/TA07-352A.html
- http://docs.info.apple.com/article.html?artnum=307179
- https://issues.rpath.com/browse/RPL-2009
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html
- http://secunia.com/advisories/28136
- http://secunia.com/advisories/28344
- http://secunia.com/advisories/28441
- http://secunia.com/advisories/28636
- http://www.securityfocus.com/bid/26910
- http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
- http://www.vupen.com/english/advisories/2007/4238
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39096
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:050
CVSS Scores
version 3.1