CVE-2013-6475

Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176	Patch
http://www.debian.org/security/2014/dsa-2875
http://www.debian.org/security/2014/dsa-2876
http://www.securityfocus.com/bid/66166
http://www.ubuntu.com/usn/USN-2143-1
http://www.ubuntu.com/usn/USN-2144-1
https://bugzilla.redhat.com/show_bug.cgi?id=1027550
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176	Patch
http://www.debian.org/security/2014/dsa-2875
http://www.debian.org/security/2014/dsa-2876
http://www.securityfocus.com/bid/66166
http://www.ubuntu.com/usn/USN-2143-1
http://www.ubuntu.com/usn/USN-2144-1
https://bugzilla.redhat.com/show_bug.cgi?id=1027550

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*
	cpe:2.3:o:debian:debian_linux::::::::
	cpe:2.3:o:fedoraproject:fedora::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:linuxfoundation:cups-filters::::::::
	cpe:2.3:a:linuxfoundation:cups-filters:1.0:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.1:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.2:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.3:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.4:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.5:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.6:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.7:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.8:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.9:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.10:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.11:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.12:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.13:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.14:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.15:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.16:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.17:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.18:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.19:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.20:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.21:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.22:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.23:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.24:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.25:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.26:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.27:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.28:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.29:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.30:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.31:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.32:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.33:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.34:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.35:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.36:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.37:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.38:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.39:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.40:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.41:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:::::::*
	cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:::::::*

History

21 Nov 2024, 01:59

Type	Values Removed	Values Added
References	~~() http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176 - Patch~~	() http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176 - Patch
References	~~() http://www.debian.org/security/2014/dsa-2875 -~~	() http://www.debian.org/security/2014/dsa-2875 -
References	~~() http://www.debian.org/security/2014/dsa-2876 -~~	() http://www.debian.org/security/2014/dsa-2876 -
References	~~() http://www.securityfocus.com/bid/66166 -~~	() http://www.securityfocus.com/bid/66166 -
References	~~() http://www.ubuntu.com/usn/USN-2143-1 -~~	() http://www.ubuntu.com/usn/USN-2143-1 -
References	~~() http://www.ubuntu.com/usn/USN-2144-1 -~~	() http://www.ubuntu.com/usn/USN-2144-1 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=1027550 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=1027550 -

Information

Published : 2014-03-14 15:55

Updated : 2024-11-21 01:59

NVD link : CVE-2013-6475

Mitre link : CVE-2013-6475

CVE.ORG link : CVE-2013-6475

JSON object : View

Products Affected

debian

debian_linux

fedoraproject

fedora

canonical

ubuntu_linux

linuxfoundation

cups-filters

CWE

CWE-189

Numeric Errors

6.8 /10