CVE-2010-0542

2010-06-1700:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.011

Percentile

84.2%

JSON

The _WriteProlog function in texttops.c in texttops in the Text Filter
subsystem in CUPS before 1.4.4 does not check the return values of certain
calloc calls, which allows remote attackers to cause a denial of service
(NULL pointer dereference or heap memory corruption) or possibly execute
arbitrary code via a crafted file.

OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchcups< 1.3.9-17ubuntu3.9UNKNOWN
ubuntu9.10noarchcups< 1.4.1-5ubuntu2.6UNKNOWN
ubuntu10.04noarchcups< 1.4.3-1ubuntu1.2UNKNOWN
ubuntu6.06noarchcupsys< 1.2.2-0ubuntu0.6.06.19UNKNOWN
ubuntu8.04noarchcupsys< 1.3.7-1ubuntu3.11UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	9.04	noarch	cups	< 1.3.9-17ubuntu3.9	UNKNOWN
ubuntu	9.10	noarch	cups	< 1.4.1-5ubuntu2.6	UNKNOWN
ubuntu	10.04	noarch	cups	< 1.4.3-1ubuntu1.2	UNKNOWN
ubuntu	6.06	noarch	cupsys	< 1.2.2-0ubuntu0.6.06.19	UNKNOWN
ubuntu	8.04	noarch	cupsys	< 1.3.7-1ubuntu3.11	UNKNOWN