CVE-2008-0755

Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cyan_soft:cyanprintip_basic:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_easy_opi:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_professional:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_standard:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_workstation:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:opium4_opi_server:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:42

Type Values Removed Values Added
References () http://aluigi.altervista.org/adv/cyanuro-adv.txt - () http://aluigi.altervista.org/adv/cyanuro-adv.txt -
References () http://secunia.com/advisories/28870 - Vendor Advisory () http://secunia.com/advisories/28870 - Vendor Advisory
References () http://www.securityfocus.com/archive/1/487955/100/0/threaded - () http://www.securityfocus.com/archive/1/487955/100/0/threaded -
References () http://www.securityfocus.com/bid/27728 - Exploit () http://www.securityfocus.com/bid/27728 - Exploit
References () http://www.securityfocus.com/bid/27734 - () http://www.securityfocus.com/bid/27734 -
References () http://www.vupen.com/english/advisories/2008/0498 - () http://www.vupen.com/english/advisories/2008/0498 -

Information

Published : 2008-02-13 20:00

Updated : 2024-11-21 00:42


NVD link : CVE-2008-0755

Mitre link : CVE-2008-0755

CVE.ORG link : CVE-2008-0755


JSON object : View

Products Affected

cyan_soft

  • opium4_opi_server
  • cyanprintip_professional
  • cyanprintip_workstation
  • cyanprintip_easy_opi
  • cyanprintip_basic
  • cyanprintip_standard
CWE
CWE-134

Use of Externally-Controlled Format String