CVE-2017-18248 in CUPSinfo

Summary

The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/26/2018

Disclosure

03/26/2018

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
115040	CUPS ipp.c add_job input validation	20	Not defined	Official fix	CVE-2017-18248

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!