Integer Overflow Vulnerability in CUPS and cups-filters Software
CVE-2013-6475

Currently unrated

Key Information:

Vendor: Canonical
Status: Ubuntu Linux; Debian Linux; Fedora
Vendor: CVE Published:; 14 March 2014

Summary

Multiple integer overflow vulnerabilities exist in the CUPS and cups-filters software, specifically in the OPVPOutputDev.cxx and OPVPSplash.cxx components. These vulnerabilities can allow remote attackers to exploit improperly handled PDF files, triggering a heap-based buffer overflow. This exploitation can lead to arbitrary code execution, posing serious security risks to affected systems. Updates and patches are recommended to mitigate these vulnerabilities.

References

http://www.ubuntu.com/usn/USN-2144-1

vendor-advisoryx_refsource_UBUNTU

http://www.debian.org/security/2014/dsa-2876

vendor-advisoryx_refsource_DEBIAN

https://bugzilla.redhat.com/show_bug.cgi?id=1027550

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 14, 2014
Vulnerability Reserved
Nov 4, 2013