FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cups-base -- HPGL buffer overflow vulnerability

Affected packages
cups-base < 1.1.22.0_2
fr-cups-base < 1.1.22.0_2

Details

VuXML ID 40a3bca2-6809-11d9-a9e7-0001020eed82
Discovery 2004-12-15
Entry 2005-01-17

Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL file.

References

Bugtraq ID 11968
CVE Name CVE-2004-1267
URL http://tigger.uic.edu/~jlongs2/holes/cups.txt
URL http://www.cups.org/str.php?L1024