ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apple
  • Cups
  • Mac Os X
  • Mac Os X Server
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Fedoraproject
  • Fedora
Opensuse
  • Opensuse
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Server
  • Enterprise Linux Workstation
Suse
  • Linux Enterprise
  • Linux Enterprise Server

Configuration 1 [-]

OR cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:11.0:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5
cups-1:1.3.7-18.el5_5.8 cpe:/o:redhat:enterprise_linux:5 RHSA-2010:0811 2010-10-29T00:00:00Z
Red Hat Enterprise Linux 6
cups-1:1.4.2-35.el6_0.1 cpe:/o:redhat:enterprise_linux:6 RHSA-2010:0866 2010-11-10T00:00:00Z
References
Link Providers
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2010-0811.html cve-icon cve-icon
http://secunia.com/advisories/42287 cve-icon cve-icon
http://secunia.com/advisories/42867 cve-icon cve-icon
http://secunia.com/advisories/43521 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201207-10.xml cve-icon cve-icon
http://securitytracker.com/id?1024662 cve-icon cve-icon
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 cve-icon cve-icon
http://support.apple.com/kb/HT4435 cve-icon cve-icon
http://www.debian.org/security/2011/dsa-2176 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 cve-icon cve-icon
http://www.osvdb.org/68951 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2010-0866.html cve-icon cve-icon
http://www.securityfocus.com/bid/44530 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1012-1 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/2856 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3042 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/3088 cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0061 cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0535 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=624438 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-2941 cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-2941 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-11-05T16:28:00

Updated: 2024-08-07T02:55:45.502Z

Reserved: 2010-08-04T00:00:00

Link: CVE-2010-2941

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2010-11-05T17:00:01.843

Modified: 2024-02-02T16:35:18.603

Link: CVE-2010-2941

cve-icon Redhat

Severity : Important

Publid Date: 2010-10-28T00:00:00Z

Links: CVE-2010-2941 - Bugzilla