CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
Severity: HIGH
CVE Identifier: CVE-2010-2941
Advisory Date: JUL 21, 2015
DESCRIPTION
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004527
Trend Micro Deep Security DPI Rule Name: 1004527 - CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
AFFECTED SOFTWARE AND VERSION
- apple cups 1.1
- apple cups 1.1.1
- apple cups 1.1.10
- apple cups 1.1.10-1
- apple cups 1.1.11
- apple cups 1.1.12
- apple cups 1.1.13
- apple cups 1.1.14
- apple cups 1.1.15
- apple cups 1.1.16
- apple cups 1.1.17
- apple cups 1.1.18
- apple cups 1.1.19
- apple cups 1.1.2
- apple cups 1.1.20
- apple cups 1.1.21
- apple cups 1.1.22
- apple cups 1.1.23
- apple cups 1.1.3
- apple cups 1.1.4
- apple cups 1.1.5
- apple cups 1.1.5-1
- apple cups 1.1.5-2
- apple cups 1.1.6
- apple cups 1.1.6-1
- apple cups 1.1.6-2
- apple cups 1.1.6-3
- apple cups 1.1.7
- apple cups 1.1.8
- apple cups 1.1.9
- apple cups 1.1.9-1
- apple cups 1.2
- apple cups 1.2.0
- apple cups 1.2.1
- apple cups 1.2.10
- apple cups 1.2.11
- apple cups 1.2.12
- apple cups 1.2.2
- apple cups 1.2.3
- apple cups 1.2.4
- apple cups 1.2.5
- apple cups 1.2.6
- apple cups 1.2.7
- apple cups 1.2.8
- apple cups 1.2.9
- apple cups 1.3
- apple cups 1.3.0
- apple cups 1.3.1
- apple cups 1.3.10
- apple cups 1.3.11
- apple cups 1.3.2
- apple cups 1.3.3
- apple cups 1.3.4
- apple cups 1.3.5
- apple cups 1.3.6
- apple cups 1.3.7
- apple cups 1.3.8
- apple cups 1.3.9
- apple cups 1.4
- apple cups 1.4.0
- apple cups 1.4.1
- apple cups 1.4.2
- apple cups 1.4.3
- apple cups 1.4.4