1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
PublicDate: 2007-12-19
Candidate: CVE-2007-5849
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849
http://www.ubuntu.com/usn/usn-563-1
Description:
Integer underflow in the asn1_get_string function in the SNMP back end
(backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to
execute arbitrary code via a crafted SNMP response that triggers a
stack-based buffer overflow.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Assigned-to: kees
upstream_cupsys: released (1.3.5-1)
dapper_cupsys: released (1.2.2-0ubuntu0.6.06.6)
edgy_cupsys: released (1.2.4-2ubuntu3.2)
feisty_cupsys: released (1.2.8-0ubuntu8.2)
gutsy_cupsys: released (1.3.2-1ubuntu7.3)
devel_cupsys: not-affected
|