Denial of Service Vulnerability in CUPS by Apple
CVE-2009-1196

Currently unrated

Key Information:

Vendor: Apple
Status: Cups
Vendor: CVE Published:; 9 June 2009

Summary

The scheduler's directory-services functionality in CUPS versions 1.1.17 and 1.1.22 is susceptible to a denial of service attack. Remote attackers can manipulate the timing of CUPS browse packets, triggering a pointer use-after-delete flaw that may cause the cupsd daemon to crash or become unresponsive. This vulnerability introduces significant risks for users relying on the stability and availability of CUPS for printing services.

References

http://secunia.com/advisories/35340

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2009/1488

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/50944

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 9, 2009
Vulnerability Reserved
Mar 31, 2009