What is CVE-2005-2874?

CVE-2005-2874 is a vulnerability in Easy_software_products Cups. Published 2005-09-13.

Is CVE-2005-2874 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Easy_software_products Cups

CVE-2005-2874

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

EPSS: 0.030 (85.5th percentile) — read the EPSS interpretation.

Affected products

Easy_software_products Cups — versions 1.1, 1.1.1, 1.1.2
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

secalert@redhat.com (x_refsource_FEDORA, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (Exploit, Patch, x_refsource_MISC, Vendor Advisory)
secalert@redhat.com (Exploit, Patch, vdb-entry, x_refsource_SECTRACK, Vendor Advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_OVAL, signature, vdb-entry)
secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2005-2874?: CVE-2005-2874 is a vulnerability in Easy_software_products Cups. Published 2005-09-13.
Is CVE-2005-2874 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.