Integer Overflow Vulnerability in CUPS and cups-filters Software
CVE-2013-6475

Currently unrated

Key Information:

Vendor

Canonical

Status
Ubuntu Linux
Debian Linux
Fedora
Vendor
CVE Published:
14 March 2014

What is CVE-2013-6475?

Multiple integer overflow vulnerabilities exist in the CUPS and cups-filters software, specifically in the OPVPOutputDev.cxx and OPVPSplash.cxx components. These vulnerabilities can allow remote attackers to exploit improperly handled PDF files, triggering a heap-based buffer overflow. This exploitation can lead to arbitrary code execution, posing serious security risks to affected systems. Updates and patches are recommended to mitigate these vulnerabilities.

References

http://www.ubuntu.com/usn/USN-2144-1
vendor-advisoryx_refsource_UBUNTU
http://www.debian.org/security/2014/dsa-2876
vendor-advisoryx_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=1027550
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2013-6475 : Integer Overflow Vulnerability in CUPS and cups-filters Software