Buffer overflow in Linuxfoundation Cups-filters

CVE-2013-6473

Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.

Vulnerability class: Buffer Overflow

EPSS: 0.137 (94.4th percentile) — read the EPSS interpretation.

Affected products

Linuxfoundation Cups-filters — versions 1.0.25, 1.0.26, 1.0.27
Canonical Ubuntu_linux — versions 13.10
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

USN-2143-1 (x_refsource_UBUNTU, vendor-advisory)
66601 (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM)