CVE-2010-2941

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

CVSS v3 9.8 CRITICAL
CVSS v2.0 9.3 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox	Broken Link
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html	Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html	Mailing List
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html	Mailing List
http://rhn.redhat.com/errata/RHSA-2010-0811.html	Third Party Advisory
http://secunia.com/advisories/42287	Broken Link
http://secunia.com/advisories/42867	Broken Link
http://secunia.com/advisories/43521	Broken Link
http://security.gentoo.org/glsa/glsa-201207-10.xml	Third Party Advisory
http://securitytracker.com/id?1024662	Broken Link Third Party Advisory VDB Entry
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323	Broken Link
http://support.apple.com/kb/HT4435	Broken Link
http://www.debian.org/security/2011/dsa-2176	Mailing List Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232	Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233	Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234	Broken Link
http://www.osvdb.org/68951	Broken Link
http://www.redhat.com/support/errata/RHSA-2010-0866.html	Broken Link
http://www.securityfocus.com/bid/44530	Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1012-1	Third Party Advisory
http://www.vupen.com/english/advisories/2010/2856	Broken Link Vendor Advisory
http://www.vupen.com/english/advisories/2010/3042	Broken Link
http://www.vupen.com/english/advisories/2010/3088	Broken Link
http://www.vupen.com/english/advisories/2011/0061	Broken Link
http://www.vupen.com/english/advisories/2011/0535	Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=624438	Issue Tracking Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/62882	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:cups::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::
	cpe:2.3:o:apple:mac_os_x_server::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:12:::::::*
	cpe:2.3:o:fedoraproject:fedora:13:::::::*
	cpe:2.3:o:fedoraproject:fedora:14:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
	cpe:2.3:o:opensuse:opensuse:11.3:::::::*
	cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::
	cpe:2.3:o:suse:linux_enterprise:11.0:-::::::
	cpe:2.3:o:suse:linux_enterprise:11.0:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:9:::::::*

Configuration 6 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

History

02 Feb 2024, 16:35

Information

Published : 2010-11-05 17:00

Updated : 2024-02-02 16:35

NVD link : CVE-2010-2941

Mitre link : CVE-2010-2941

CVE.ORG link : CVE-2010-2941

JSON object : View

Products Affected

redhat

enterprise_linux_desktop
enterprise_linux
enterprise_linux_workstation
enterprise_linux_server

suse

linux_enterprise_server
linux_enterprise

apple

mac_os_x_server
mac_os_x
cups

opensuse

opensuse

debian

debian_linux

canonical

ubuntu_linux

fedoraproject

fedora

CWE

CWE-416

Use After Free

Type	Values Removed	Values Added
CVSS	v2 : ~~7.9~~ v3 : ~~unknown~~	v2 : 9.3 v3 : 9.8
References	~~() http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox -~~	() http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox - Broken Link
References	~~() http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html -~~	() http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html - Mailing List
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html - Mailing List
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html - Mailing List
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html - Mailing List
References	~~() http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html - Mailing List
References	~~() http://rhn.redhat.com/errata/RHSA-2010-0811.html -~~	() http://rhn.redhat.com/errata/RHSA-2010-0811.html - Third Party Advisory
References	~~() http://secunia.com/advisories/42287 -~~	() http://secunia.com/advisories/42287 - Broken Link
References	~~() http://secunia.com/advisories/42867 -~~	() http://secunia.com/advisories/42867 - Broken Link
References	~~() http://secunia.com/advisories/43521 -~~	() http://secunia.com/advisories/43521 - Broken Link
References	~~() http://security.gentoo.org/glsa/glsa-201207-10.xml -~~	() http://security.gentoo.org/glsa/glsa-201207-10.xml - Third Party Advisory
References	~~() http://securitytracker.com/id?1024662 -~~	() http://securitytracker.com/id?1024662 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 -~~	() http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 - Broken Link
References	~~() http://support.apple.com/kb/HT4435 -~~	() http://support.apple.com/kb/HT4435 - Broken Link
References	~~() http://www.debian.org/security/2011/dsa-2176 -~~	() http://www.debian.org/security/2011/dsa-2176 - Mailing List, Third Party Advisory
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 - Broken Link
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 - Broken Link
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 -~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 - Broken Link
References	~~() http://www.osvdb.org/68951 -~~	() http://www.osvdb.org/68951 - Broken Link
References	~~() http://www.redhat.com/support/errata/RHSA-2010-0866.html -~~	() http://www.redhat.com/support/errata/RHSA-2010-0866.html - Broken Link
References	~~() http://www.securityfocus.com/bid/44530 -~~	() http://www.securityfocus.com/bid/44530 - Broken Link, Third Party Advisory, VDB Entry
References	~~() http://www.ubuntu.com/usn/USN-1012-1 -~~	() http://www.ubuntu.com/usn/USN-1012-1 - Third Party Advisory
References	~~() http://www.vupen.com/english/advisories/2010/2856 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2010/2856 - Broken Link, Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2010/3042 -~~	() http://www.vupen.com/english/advisories/2010/3042 - Broken Link
References	~~() http://www.vupen.com/english/advisories/2010/3088 -~~	() http://www.vupen.com/english/advisories/2010/3088 - Broken Link
References	~~() http://www.vupen.com/english/advisories/2011/0061 -~~	() http://www.vupen.com/english/advisories/2011/0061 - Broken Link
References	~~() http://www.vupen.com/english/advisories/2011/0535 -~~	() http://www.vupen.com/english/advisories/2011/0535 - Broken Link
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=624438 - Patch~~	() https://bugzilla.redhat.com/show_bug.cgi?id=624438 - Issue Tracking, Patch
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 - Third Party Advisory, VDB Entry
First Time		Redhat enterprise Linux Canonical Redhat enterprise Linux Desktop Apple mac Os X Suse linux Enterprise Fedoraproject fedora Opensuse Fedoraproject Suse Canonical ubuntu Linux Opensuse opensuse Debian Apple mac Os X Server Redhat enterprise Linux Server Redhat Suse linux Enterprise Server Debian debian Linux Redhat enterprise Linux Workstation
CWE	~~CWE-399~~	CWE-416
CPE	cpe:2.3:a:apple:cups:1.3.2:::::::* cpe:2.3:a:apple:cups:1.3.9:::::::* cpe:2.3:a:apple:cups:1.2:rc3:::::: cpe:2.3:a:apple:cups:1.2.9:::::::* cpe:2.3:a:apple:cups:1.3.0:::::::* cpe:2.3:a:apple:cups:1.2.6:::::::* cpe:2.3:a:apple:cups:1.1:::::::* cpe:2.3:a:apple:cups:1.1.10-1:::::::* cpe:2.3:a:apple:cups:1.1.4:::::::* cpe:2.3:a:apple:cups:1.2.0:::::::* cpe:2.3:a:apple:cups:1.2.3:::::::* cpe:2.3:a:apple:cups:1.1.8:::::::* cpe:2.3:a:apple:cups:1.1.16:::::::* cpe:2.3:a:apple:cups:1.1.3:::::::* cpe:2.3:a:apple:cups:1.3.10:::::::* cpe:2.3:a:apple:cups:1.3:rc2:::::: cpe:2.3:a:apple:cups:1.1.19:rc3:::::: cpe:2.3:a:apple:cups:1.1.7:::::::* cpe:2.3:a:apple:cups:1.1.12:::::::* cpe:2.3:a:apple:cups:1.1.21:rc1:::::: cpe:2.3:a:apple:cups:1.1.6-3:::::::* cpe:2.3:a:apple:cups:1.4:b1:::::: cpe:2.3:a:apple:cups:1.4:b2:::::: cpe:2.3:a:apple:cups:1.1.14:::::::* cpe:2.3:a:apple:cups:1.3.8:::::::* cpe:2.3:a:apple:cups:1.2.7:::::::* cpe:2.3:a:apple:cups:1.1.1:::::::* cpe:2.3:a:apple:cups:1.3.11:::::::* cpe:2.3:a:apple:cups:1.4.1:::::::* cpe:2.3:a:apple:cups:1.2:rc1:::::: cpe:2.3:a:apple:cups:1.3.3:::::::* cpe:2.3:a:apple:cups:1.1.5:::::::* cpe:2.3:a:apple:cups:1.2.1:::::::* cpe:2.3:a:apple:cups:1.1.6:::::::* cpe:2.3:a:apple:cups:1.3.7:::::::* cpe:2.3:a:apple:cups:1.1.18:::::::* cpe:2.3:a:apple:cups:1.2:b2:::::: cpe:2.3:a:apple:cups:1.1.20:rc2:::::: cpe:2.3:a:apple:cups:1.1.20:rc3:::::: cpe:2.3:a:apple:cups:1.4.3:::::::* cpe:2.3:a:apple:cups:1.1.21:rc2:::::: cpe:2.3:a:apple:cups:1.2.8:::::::* cpe:2.3:a:apple:cups:1.1.19:rc1:::::: cpe:2.3:a:apple:cups:1.1.19:rc5:::::: cpe:2.3:a:apple:cups:1.4:b3:::::: cpe:2.3:a:apple:cups:1.1.22:::::::* cpe:2.3:a:apple:cups:1.2.5:::::::* cpe:2.3:a:apple:cups:1.1.20:rc5:::::: cpe:2.3:a:apple:cups:1.1.17:::::::* cpe:2.3:a:apple:cups:1.1.11:::::::* cpe:2.3:a:apple:cups:1.3.4:::::::* cpe:2.3:a:apple:cups:1.2:b1:::::: cpe:2.3:a:apple:cups:1.1.19:::::::* cpe:2.3:a:apple:cups:1.1.13:::::::* cpe:2.3:a:apple:cups:1.2.12:::::::* cpe:2.3:a:apple:cups:1.4.0:::::::* cpe:2.3:a:apple:cups:1.1.23:::::::* cpe:2.3:a:apple:cups:1.1.5-1:::::::* cpe:2.3:a:apple:cups:1.3.5:::::::* cpe:2.3:a:apple:cups:1.2.10:::::::* cpe:2.3:a:apple:cups:1.1.19:rc2:::::: cpe:2.3:a:apple:cups:1.2:rc2:::::: cpe:2.3:a:apple:cups:1.1.2:::::::* cpe:2.3:a:apple:cups:1.3:b1:::::: cpe:2.3:a:apple:cups:1.1.15:::::::* cpe:2.3:a:apple:cups:1.1.20:rc6:::::: cpe:2.3:a:apple:cups:1.1.9-1:::::::* cpe:2.3:a:apple:cups:1.2.2:::::::* cpe:2.3:a:apple:cups:1.1.10:::::::* cpe:2.3:a:apple:cups:1.2.4:::::::* cpe:2.3:a:apple:cups:1.4.2:::::::* cpe:2.3:a:apple:cups:1.1.23:rc1:::::: cpe:2.3:a:apple:cups:1.1.19:rc4:::::: cpe:2.3:a:apple:cups:1.4:rc1:::::: cpe:2.3:a:apple:cups:1.3:rc1:::::: cpe:2.3:a:apple:cups:1.1.20:rc4:::::: cpe:2.3:a:apple:cups:1.1.22:rc2:::::: cpe:2.3:a:apple:cups:1.1.9:::::::* cpe:2.3:a:apple:cups:1.1.6-2:::::::* cpe:2.3:a:apple:cups:1.1.5-2:::::::* cpe:2.3:a:apple:cups:1.1.20:::::::* cpe:2.3:a:apple:cups:1.1.20:rc1:::::: cpe:2.3:a:apple:cups:1.1.22:rc1:::::: cpe:2.3:a:apple:cups:1.1.6-1:::::::* cpe:2.3:a:apple:cups:1.2.11:::::::* cpe:2.3:a:apple:cups:1.3.1:::::::* cpe:2.3:a:apple:cups:1.1.21:::::::* cpe:2.3:a:apple:cups:1.3.6:::::::*	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::* cpe:2.3:o:fedoraproject:fedora:14:::::::* cpe:2.3:o:suse:linux_enterprise:11.0:-:::::: cpe:2.3:o:canonical:ubuntu_linux:6.06:::::::* cpe:2.3:o:opensuse:opensuse:11.3:::::::* cpe:2.3:o:suse:linux_enterprise_server:9:::::::* cpe:2.3:o:opensuse:opensuse:11.1:::::::* cpe:2.3:o:opensuse:opensuse:11.2:::::::* cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::* cpe:2.3:o:apple:mac_os_x:::::::: cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:10.04::::-::: cpe:2.3:o:fedoraproject:fedora:13:::::::* cpe:2.3:o:apple:mac_os_x_server:::::::: cpe:2.3:o:fedoraproject:fedora:12:::::::* cpe:2.3:o:suse:linux_enterprise:11.0:sp1:::::: cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:suse:linux_enterprise:10.0:sp3:::::: cpe:2.3:o:debian:debian_linux:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

9.8 /10