Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding.
2002-12-26T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | easy_software_products | cups | 1.0.4 | Yes |
| Application | easy_software_products | cups | 1.0.4_8 | Yes |
| Application | easy_software_products | cups | 1.1.1 | Yes |
| Application | easy_software_products | cups | 1.1.4 | Yes |
| Application | easy_software_products | cups | 1.1.4_2 | Yes |
| Application | easy_software_products | cups | 1.1.4_3 | Yes |
| Application | easy_software_products | cups | 1.1.4_5 | Yes |
| Application | easy_software_products | cups | 1.1.6 | Yes |
| Application | easy_software_products | cups | 1.1.7 | Yes |
| Application | easy_software_products | cups | 1.1.10 | Yes |
| Application | easy_software_products | cups | 1.1.13 | Yes |
| Application | easy_software_products | cups | 1.1.14 | Yes |
| Application | easy_software_products | cups | 1.1.17 | Yes |
| Operating System | apple | mac_os_x | 10.2 | Yes |
| Operating System | apple | mac_os_x | 10.2.2 | Yes |