Description
Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.
References (5)
Core 5
Core References
Issue Tracking x_refsource_confirm
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741333
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2143-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66601
Patch x_refsource_confirm
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7175
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1027547
Scores
EPSS
0.1371
EPSS Percentile
94.4%
Details
CWE
CWE-119
Status
published
Products (23)
canonical/ubuntu_linux
13.10
linuxfoundation/cups-filters
1.0.25
linuxfoundation/cups-filters
1.0.26
linuxfoundation/cups-filters
1.0.27
linuxfoundation/cups-filters
1.0.28
linuxfoundation/cups-filters
1.0.29
linuxfoundation/cups-filters
1.0.30
linuxfoundation/cups-filters
1.0.31
linuxfoundation/cups-filters
1.0.32
linuxfoundation/cups-filters
1.0.33
... and 13 more
Published
Mar 14, 2014
Tracked Since
Feb 18, 2026