CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
88.5%
Debian Security Advisory DSA-3172-1 [email protected]
http://www.debian.org/security/ Sebastien Delafond
February 25, 2015 http://www.debian.org/security/faq
Package : cups
CVE ID : CVE-2014-9679
Debian Bug : 778387
Peter De Wachter discovered that CUPS, the Common UNIX Printing
System, did not correctly parse compressed raster files. By submitting
a specially crafted raster file, a remote attacker could use this
vulnerability to trigger a buffer overflow.
For the stable distribution (wheezy), this problem has been fixed in
version 1.5.3-5+deb7u5.
For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 1.7.5-11.
We recommend that you upgrade your cups packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | mips | libcupscgi1-dev | < 1.5.3-5+deb7u5 | libcupscgi1-dev_1.5.3-5+deb7u5_mips.deb |
Debian | 7 | s390x | libcupsdriver1-dev | < 1.5.3-5+deb7u5 | libcupsdriver1-dev_1.5.3-5+deb7u5_s390x.deb |
Debian | 6 | amd64 | libcupsmime1-dev | < 1.4.4-7+squeeze7 | libcupsmime1-dev_1.4.4-7+squeeze7_amd64.deb |
Debian | 7 | armel | libcupsdriver1 | < 1.5.3-5+deb7u5 | libcupsdriver1_1.5.3-5+deb7u5_armel.deb |
Debian | 7 | i386 | libcupsimage2-dev | < 1.5.3-5+deb7u5 | libcupsimage2-dev_1.5.3-5+deb7u5_i386.deb |
Debian | 7 | i386 | cups-ppdc | < 1.5.3-5+deb7u5 | cups-ppdc_1.5.3-5+deb7u5_i386.deb |
Debian | 6 | i386 | libcupsmime1-dev | < 1.4.4-7+squeeze7 | libcupsmime1-dev_1.4.4-7+squeeze7_i386.deb |
Debian | 7 | s390x | libcupsimage2 | < 1.5.3-5+deb7u5 | libcupsimage2_1.5.3-5+deb7u5_s390x.deb |
Debian | 7 | mipsel | cups-client | < 1.5.3-5+deb7u5 | cups-client_1.5.3-5+deb7u5_mipsel.deb |
Debian | 7 | s390 | cups | < 1.5.3-5+deb7u5 | cups_1.5.3-5+deb7u5_s390.deb |