CVE-2008-0755

Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cyan_soft:cyanprintip_basic:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_easy_opi:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_professional:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_standard:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:cyanprintip_workstation:*:*:*:*:*:*:*:*
cpe:2.3:a:cyan_soft:opium4_opi_server:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-02-13 20:00

Updated : 2024-02-28 11:01


NVD link : CVE-2008-0755

Mitre link : CVE-2008-0755

CVE.ORG link : CVE-2008-0755


JSON object : View

Products Affected

cyan_soft

  • cyanprintip_basic
  • opium4_opi_server
  • cyanprintip_workstation
  • cyanprintip_professional
  • cyanprintip_easy_opi
  • cyanprintip_standard
CWE
CWE-134

Use of Externally-Controlled Format String