Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-0542 | First vendor Publication | 2010-06-21 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10365 | |||
Oval ID: | oval:org.mitre.oval:def:10365 | ||
Title: | The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. | ||
Description: | The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0542 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
2011-08-09 | Name : CentOS Update for cups CESA-2010:0490 centos5 i386 File : nvt/gb_CESA-2010_0490_cups_centos5_i386.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2176-1 (cups) File : nvt/deb_2176_1.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17615 File : nvt/gb_fedora_2010_17615_cups_fc13.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17627 File : nvt/gb_fedora_2010_17627_cups_fc12.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:232 (cups) File : nvt/gb_mandriva_MDVSA_2010_232.nasl |
2010-08-20 | Name : CentOS Update for cups CESA-2010:0490 centos3 i386 File : nvt/gb_CESA-2010_0490_cups_centos3_i386.nasl |
2010-07-30 | Name : Fedora Update for cups FEDORA-2010-10101 File : nvt/gb_fedora_2010_10101_cups_fc12.nasl |
2010-07-02 | Name : Fedora Update for cups FEDORA-2010-10388 File : nvt/gb_fedora_2010_10388_cups_fc13.nasl |
2010-06-28 | Name : Fedora Update for cups FEDORA-2010-10066 File : nvt/gb_fedora_2010_10066_cups_fc11.nasl |
2010-06-25 | Name : Ubuntu Update for cups, cupsys vulnerabilities USN-952-1 File : nvt/gb_ubuntu_USN_952_1.nasl |
2010-06-21 | Name : CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability File : nvt/gb_cups_40943.nasl |
2010-06-18 | Name : RedHat Update for cups RHSA-2010:0490-01 File : nvt/gb_RHSA-2010_0490-01_cups.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-176-05 cups File : nvt/esoft_slk_ssa_2010_176_05.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65692 | CUPS texttops.c _WriteProlog Function Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_cups-101124.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100617_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201207-10.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-176-05.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2176.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12665.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-101119.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-7244.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-232.nasl - Type : ACT_GATHER_INFO |
2010-07-27 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10101.nasl - Type : ACT_GATHER_INFO |
2010-07-08 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_4_4.nasl - Type : ACT_GATHER_INFO |
2010-07-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10388.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10066.nasl - Type : ACT_GATHER_INFO |
2010-06-22 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-952-1.nasl - Type : ACT_GATHER_INFO |
2010-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
2010-06-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0490.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-11-28 23:08:14 |
|
2024-11-28 12:21:11 |
|
2024-02-16 12:11:59 |
|
2021-05-04 12:11:13 |
|
2021-04-22 01:11:41 |
|
2020-05-23 01:41:40 |
|
2020-05-23 00:25:17 |
|
2017-09-19 09:23:39 |
|
2016-04-26 19:34:42 |
|
2014-06-14 13:28:27 |
|
2014-02-17 10:53:54 |
|
2013-05-16 17:02:38 |
|
2013-05-10 23:18:12 |
|