Lucene search

[email protected]CVE-2008-1374

HistoryApr 04, 2008 - 12:44 a.m.

CVE-2008-1374

2008-04-0400:44:00

CWE-190

[email protected]

web.nvd.nist.gov

cups

pdftops

rhel

integer overflow

remote code execution

pdf

incomplete fix

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.07 Low

EPSS

Percentile

94.0%

JSON

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888.

Affected configurations

NVD

Node

applecupsRange≤1.3.11

CPENameOperatorVersion
apple:cupsapple cupsle1.3.11

CPE	Name	Operator	Version
apple:cups	apple cups	le	1.3.11

References

secunia.com/advisories/29630

secunia.com/advisories/31388

wiki.rpath.com/wiki/Advisories:rPSA-2008-0245

www.redhat.com/support/errata/RHSA-2008-0206.html

www.securityfocus.com/archive/1/495164/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/41758

issues.rpath.com/browse/RPL-2390

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.07 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2008-1374

nvd4 cvelist4 debiancve4 prion1 ubuntucve4 centos2 redhat10 openvas30 nessus44 oraclelinux2 osv3 debian6 ubuntu2 gentoo4 securityvulns4 cve3 freebsd1 suse3