CVE-2002-0063

Current Description

Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.

Basic Data

PublishedMarch 08, 2002
Last ModifiedMay 03, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationEasy Software ProductsCups********1.1.14

Vulnerable Software List

VendorProductVersions
Easy Software Products Cups *

References

NameSourceURLTags
CSSA-2002-008.0ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-008.0.txtCALDERA
CLA-2002:471http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000471CONECTIVA
SuSE-SA:2002:005http://lists2.suse.com/archive/suse-security-announce/2001-Mar/0000.htmlSUSE
http://www.cups.org/relnotes.htmlhttp://www.cups.org/relnotes.htmlCONFIRMVendor Advisory
DSA-110http://www.debian.org/security/2002/dsa-110DEBIANPatch
MDKSA-2002:015http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-015.phpMANDRAKEPatch
RHSA-2002:032http://www.redhat.com/support/errata/RHSA-2002-032.htmlREDHAT
4100http://www.securityfocus.com/bid/4100BID
cups-ippread-bo(8192)https://exchange.xforce.ibmcloud.com/vulnerabilities/8192XF