CVE-2010-2941 - Vulnerability Details

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.26536.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:apple:cups::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:12:::::::*
	cpe:2.3:o:fedoraproject:fedora:13:::::::*
	cpe:2.3:o:fedoraproject:fedora:14:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:opensuse:opensuse:11.3:::::::*
	cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::
	cpe:2.3:o:suse:linux_enterprise:11.0:-::::::
	cpe:2.3:o:suse:linux_enterprise:11.0:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:9:::::::*

Configuration 6 [-]

OR	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
cups-1:1.3.7-18.el5_5.8	cpe:/o:redhat:enterprise_linux:5	RHSA-2010:0811	2010-10-29T00:00:00Z
Red Hat Enterprise Linux 6
cups-1:1.4.2-35.el6_0.1	cpe:/o:redhat:enterprise_linux:6	RHSA-2010:0866	2010-11-10T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Apple Subscribe	Cups Subscribe Mac Os X Subscribe Mac Os X Server Subscribe
Canonical Subscribe	Ubuntu Linux Subscribe
Debian Subscribe	Debian Linux Subscribe
Fedoraproject Subscribe	Fedora Subscribe
Opensuse Subscribe	Opensuse Subscribe
Redhat Subscribe	Enterprise Linux Subscribe Enterprise Linux Desktop Subscribe Enterprise Linux Server Subscribe Enterprise Linux Workstation Subscribe
Suse Subscribe	Linux Enterprise Subscribe Linux Enterprise Server Subscribe

Advisories

Source	ID	Title
Debian DSA	DSA-2176-1	cups security update
Ubuntu USN	USN-1012-1	CUPS vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://rhn.redhat.com/errata/RHSA-2010-0811.html
http://secunia.com/advisories/42287
http://secunia.com/advisories/42867
http://secunia.com/advisories/43521
http://security.gentoo.org/glsa/glsa-201207-10.xml
http://securitytracker.com/id?1024662
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323
http://support.apple.com/kb/HT4435
http://www.debian.org/security/2011/dsa-2176
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
http://www.osvdb.org/68951
http://www.redhat.com/support/errata/RHSA-2010-0866.html
http://www.securityfocus.com/bid/44530
http://www.ubuntu.com/usn/USN-1012-1
http://www.vupen.com/english/advisories/2010/2856
http://www.vupen.com/english/advisories/2010/3042
http://www.vupen.com/english/advisories/2010/3088
http://www.vupen.com/english/advisories/2011/0061
http://www.vupen.com/english/advisories/2011/0535
https://bugzilla.redhat.com/show_bug.cgi?id=624438
https://exchange.xforce.ibmcloud.com/vulnerabilities/62882
https://nvd.nist.gov/vuln/detail/CVE-2010-2941
https://www.cve.org/CVERecord?id=CVE-2010-2941

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-11-05T16:28:00

Updated: 2024-08-07T02:55:45.502Z

Reserved: 2010-08-04T00:00:00

Link: CVE-2010-2941

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2010-11-05T17:00:01.843

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-2941

Redhat

Severity : Important

Publid Date: 2010-10-28T00:00:00Z

Links: CVE-2010-2941 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-416

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object