ID CVE-2007-5849
Summary Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:1.3.3:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 29-07-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
apple APPLE-SA-2007-12-17
bid
  • 26910
  • 26917
cert TA07-352A
confirm
debian DSA-1437
fedora FEDORA-2008-0322
gentoo GLSA-200712-14
mandriva MDVSA-2008:036
secunia
  • 28113
  • 28129
  • 28136
  • 28200
  • 28386
  • 28441
  • 28636
  • 28676
suse
  • SUSE-SA:2008:002
  • SUSE-SR:2008:002
ubuntu USN-563-1
vupen
  • ADV-2007-4238
  • ADV-2007-4242
xf
  • cups-asn1getstring-bo(39101)
  • macos-snmp-bo(39097)
statements via4
contributor Joshua Bressers
lastmodified 2008-01-02
organization Red Hat
statement Not vulnerable. This flaw does not affect the version of CUPS shipped in Red Hat Enterprise Linux 3 or 4. After a detailed analysis of this flaw, it has been determined it does not pose a security threat on Red Hat Enterprise Linux 5. For more details regarding this analysis, please see: https://bugzilla.redhat.com/show_bug.cgi?id=415131
Last major update 29-07-2017 - 01:33
Published 19-12-2007 - 21:46
Last modified 29-07-2017 - 01:33
Back to Top