CVE-2013-6475
Published: 7 March 2014
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
Notes
Author | Note |
---|---|
mdeslaur | filters used to be in main cups package in lucid |
Priority
Status
Package | Release | Status |
---|---|---|
cups Launchpad, Ubuntu, Debian |
lucid |
Released
(1.4.3-1ubuntu1.10)
|
precise |
Not vulnerable
(code not present)
|
|
quantal |
Not vulnerable
(code not present)
|
|
saucy |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
cups-filters Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(1.0.18-0ubuntu0.2)
|
|
quantal |
Released
(1.0.24-2ubuntu0.2)
|
|
saucy |
Released
(1.0.40-0ubuntu1.1)
|
|
upstream |
Released
(1.0.47)
|