CVE-2010-2941 in cupsinfo

Summary

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

08/04/2010

Disclosure

11/05/2010

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

9.6

EPSS

0.21353

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-2941
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-2941
CVE Details	https://www.cvedetails.com/cve/CVE-2010-2941/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!