CVE-2013-6474

cups-filters < 1.0.46 - Remote Code Execution via Crafted PDF File

Title source: llm

Description

Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

References (7)

Core 7

Core References

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2144-1

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-2876

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=1027548

Patch x_refsource_confirm

http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2143-1

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-2875

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/66163

Scores

EPSS 0.1418

EPSS Percentile 94.5%

Details

CWE

CWE-119

Status published

Products (50)

canonical/ubuntu_linux 10.04

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 12.10

canonical/ubuntu_linux 13.10

debian/debian_linux

fedoraproject/fedora

linuxfoundation/cups-filters 1.0

linuxfoundation/cups-filters 1.0.1

linuxfoundation/cups-filters 1.0.2

linuxfoundation/cups-filters 1.0.3

... and 40 more

Published Mar 14, 2014

Tracked Since Feb 18, 2026