Heap-based Buffer Overflow in CUPS Affects Remote Code Execution
CVE-2013-6474

Currently unrated

Key Information:

Vendor

Linux
Status
Cups-filters
Vendor
CVE Published:
14 March 2014

What is CVE-2013-6474?

A heap-based buffer overflow vulnerability exists in the pdftoopvp filter of the Common UNIX Printing System (CUPS) and its associated cups-filters package before version 1.0.47. This flaw allows remote attackers to craft a malicious PDF file that, when processed, can lead to arbitrary code execution on affected systems. Successful exploitation may grant an attacker unauthorized access and control, making it essential for users to apply the necessary updates promptly.

References

http://www.ubuntu.com/usn/USN-2144-1
vendor-advisoryx_refsource_UBUNTU
http://www.debian.org/security/2014/dsa-2876
vendor-advisoryx_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=1027548
x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.