Description
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- complete
- Integrity
- complete
- Availability
- complete
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- EASY_SOFTWARE_PRODUCTS
- Published
- 12/26/2002
- Last Modified
- 4/3/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
easy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupseasy_software_products : cupsapple : mac_os_xapple : mac_os_x
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.