Buffer Overflow Vulnerability in CUPS Affected by Malformed Raster Files
CVE-2014-9679

Currently unrated

Key Information:

Vendor: Apple
Status: Cups
Vendor: CVE Published:; 19 February 2015

Summary

The CUPS (Common Unix Printing System) has an integer underflow vulnerability in the cupsRasterReadPixels function within filter/raster.c. This vulnerability affects versions prior to 2.0.2 and allows remote attackers to exploit a buffer overflow by sending a malformed compressed raster file. Successful exploitation could lead to unexpected behaviors or crashes, potentially compromising the integrity of the system or allowing unauthorized access.

References

http://rhn.redhat.com/errata/RHSA-2015-1123.html

vendor-advisoryx_refsource_REDHAT

https://www.cups.org/str.php?L4551

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2015/02/10/15

mailing-listx_refsource_MLIST

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 19, 2015
Vulnerability Reserved
Feb 12, 2015