Bug#472105: cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries

To: submit@bugs.debian.org
Subject: Bug#472105: cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries
From: Nico Golde <nion@debian.org>
Date: Sat, 22 Mar 2008 03:21:29 +0100
Message-id: <[🔎] 20080322022129.GA21608@ngolde.de>
Reply-to: Nico Golde <nion@debian.org>, 472105@bugs.debian.org

Package: cupsys
Severity: important
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cupsys.

CVE-2008-0047[0]:
| Heap-based buffer overflow in CUPS in Apple Mac OS X 10.5.2, when
| printer sharing is enabled, allows remote attackers to execute
| arbitrary code via crafted search expressions.

Patch:
https://bugzilla.redhat.com/attachment.cgi?id=296901

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgpF1JlHUX7z3.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Bug#472105: marked as done (cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: cupsys 1.3.6-2 MIGRATED to testing
Next by Date: Processed: severity of 472105 is grave
Previous by thread: cupsys 1.3.6-2 MIGRATED to testing
Next by thread: Bug#472105: marked as done (cupsys: CVE-2008-0047 buffer overflow in cgi applications using crafted search queries)
Index(es):
- Date
- Thread