FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4351

This CVE name corresponds to:

Entered: 2007-11-09
Topic: cups -- off-by-one buffer overflow

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2007-4351
Phase: Assigned (20070814)

Description

Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.

References

Source Reference
MISC http://secunia.com/secunia_research/2007-76/advisory/
CONFIRM http://www.cups.org/str.php?L2561
CONFIRM https://issues.rpath.com/browse/RPL-1875
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=361661
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
CONFIRM http://docs.info.apple.com/article.html?artnum=307179
APPLE APPLE-SA-2007-12-17
CISCO 20080625 Wide Area Application Services (WAAS) Common UNIX Printing System (CUPS) Vulnerability
DEBIAN DSA-1407
FEDORA FEDORA-2007-2715
GENTOO GLSA-200711-16
MANDRIVA MDKSA-2007:204
REDHAT RHSA-2007:1020
REDHAT RHSA-2007:1022
REDHAT RHSA-2007:1023
SLACKWARE SSA:2007-305-01
SUSE SUSE-SA:2007:058
UBUNTU USN-539-1
CERT TA07-352A
CERT-VN VU#446897
BID 26268
OVAL oval:org.mitre.oval:def:10604
VUPEN ADV-2007-3681
VUPEN ADV-2007-4238
VUPEN ADV-2008-1934
SECTRACK 1018879
SECUNIA 27233
SECUNIA 27410
SECUNIA 27445
SECUNIA 27474
SECUNIA 27447
SECUNIA 27494
SECUNIA 27499
SECUNIA 27540
SECUNIA 27577
SECUNIA 27604
SECUNIA 27712
SECUNIA 28136
SECUNIA 30847
XF cups-ippreadio-bo(38190)