CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
Severity: : High
CVE Kennungen: : CVE-2010-2941
Advisory Date: 21 de lipca de 2015
DESCRIPTION
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004527
Trend Micro Deep Security DPI Rule Name: 1004527 - CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
AFFECTED SOFTWARE AND VERSION:
- apple cups 1.1
- apple cups 1.1.1
- apple cups 1.1.10
- apple cups 1.1.10-1
- apple cups 1.1.11
- apple cups 1.1.12
- apple cups 1.1.13
- apple cups 1.1.14
- apple cups 1.1.15
- apple cups 1.1.16
- apple cups 1.1.17
- apple cups 1.1.18
- apple cups 1.1.19
- apple cups 1.1.2
- apple cups 1.1.20
- apple cups 1.1.21
- apple cups 1.1.22
- apple cups 1.1.23
- apple cups 1.1.3
- apple cups 1.1.4
- apple cups 1.1.5
- apple cups 1.1.5-1
- apple cups 1.1.5-2
- apple cups 1.1.6
- apple cups 1.1.6-1
- apple cups 1.1.6-2
- apple cups 1.1.6-3
- apple cups 1.1.7
- apple cups 1.1.8
- apple cups 1.1.9
- apple cups 1.1.9-1
- apple cups 1.2
- apple cups 1.2.0
- apple cups 1.2.1
- apple cups 1.2.10
- apple cups 1.2.11
- apple cups 1.2.12
- apple cups 1.2.2
- apple cups 1.2.3
- apple cups 1.2.4
- apple cups 1.2.5
- apple cups 1.2.6
- apple cups 1.2.7
- apple cups 1.2.8
- apple cups 1.2.9
- apple cups 1.3
- apple cups 1.3.0
- apple cups 1.3.1
- apple cups 1.3.10
- apple cups 1.3.11
- apple cups 1.3.2
- apple cups 1.3.3
- apple cups 1.3.4
- apple cups 1.3.5
- apple cups 1.3.6
- apple cups 1.3.7
- apple cups 1.3.8
- apple cups 1.3.9
- apple cups 1.4
- apple cups 1.4.0
- apple cups 1.4.1
- apple cups 1.4.2
- apple cups 1.4.3
- apple cups 1.4.4