CVE-2010-2941
CVE-2010-2941
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefoxhttp://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.htmlhttp://rhn.redhat.com/errata/RHSA-2010-0811.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=624438http://secunia.com/advisories/42287http://secunia.com/advisories/42867http://secunia.com/advisories/43521http://security.gentoo.org/glsa/glsa-201207-10.xml