Information Disclosure Vulnerability in CUPS on Apple Systems
CVE-2010-1748

Currently unrated

Key Information:

Vendor

Apple
Status
Cups
Vendor
CVE Published:
17 June 2010

What is CVE-2010-1748?

The cgi_initialize_string function in CUPS, used on various Apple platforms, has a vulnerability that improperly handles parameter values containing a '%' character lacking the required hex encoding. This flaw allows attackers to exploit crafted requests to gain unauthorized access to sensitive information stored in the cupsd process memory. Notable examples of this exploit include crafted URL requests that may reveal internal data, posing significant risks to system security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.apple.com/archives/security-announce/2010//J...
vendor-advisoryx_refsource_APPLE
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2010/1481
vdb-entryx_refsource_VUPEN

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.