What is CVE-2013-6475?

CVE-2013-6475 is a vulnerability in Linuxfoundation Cups-filters, classified under CWE-189. Published 2014-03-14.

Is CVE-2013-6475 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Linuxfoundation Cups-filters

CVE-2013-6475

Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-b…

EPSS: 0.141 (94.5th percentile) — read the EPSS interpretation.

Affected products

Linuxfoundation Cups-filters — versions 1.0, 1.0.1, 1.0.2
Canonical Ubuntu_linux — versions 10.04, 12.04, 12.10
Debian Debian_linux
Fedoraproject Fedora
N/a — versions n/a

Weakness classification (CWE)

CWE-189

Public proof-of-concept exploits

References

USN-2144-1 (x_refsource_UBUNTU, vendor-advisory)
DSA-2876 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM, Patch)
66166 (vdb-entry, x_refsource_BID)
USN-2143-1 (x_refsource_UBUNTU, vendor-advisory)
DSA-2875 (vendor-advisory, x_refsource_DEBIAN)

Frequently asked questions

What is CVE-2013-6475?: CVE-2013-6475 is a vulnerability in Linuxfoundation Cups-filters, classified under CWE-189. Published 2014-03-14.
Is CVE-2013-6475 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.