Errata ID | 321 |
---|---|
Date | 2015-09-23 |
Source package | cups |
Fixed in version | 1.5.3-5.96.201509111033 |
Description | Multiple security vulnerabilities have been fixed in cups:<br>* Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow (CVE-2014-9679).<br>* The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code (CVE-2015-1158).<br>* Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/ (CVE-2015-1159). |
Additional notes | |
CVE ID | CVE-2014-9679 CVE-2015-1158 CVE-2015-1159 |
UCS Bug number | #37815 |