Launchpad.net

CVE 2008-0047

Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.

Related bugs and status

CVE-2008-0047 (Candidate) is related to these bugs:

Bug #196404: [cupsys] [MDVSA-2008:050] multiple vulnerabilities

		In	Importance	Status
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Ubuntu)	Undecided	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Ubuntu Dapper)	Undecided	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Ubuntu Edgy)	Undecided	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Ubuntu Feisty)	Undecided	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Ubuntu Gutsy)	Undecided	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Debian)	Unknown	Fix Released
196404	[cupsys] [MDVSA-2008:050] multiple vulnerabilities	cupsys (Fedora)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

APPLE: APPLE-SA-2008-03-18
IDEFENSE: 20080318 Multiple Vend...
CONFIRM: http://docs.info.apple...
SUSE: SUSE-SA:2008:015
BID: 28307
SECTRACK: 1019646
SECUNIA: 29431
SECUNIA: 29448
DEBIAN: DSA-1530
CERT: TA08-079A
SECUNIA: 29420
SECUNIA: 29485
GENTOO: GLSA-200804-01
REDHAT: RHSA-2008:0192
SECUNIA: 29634
MANDRIVA: MDVSA-2008:081
UBUNTU: USN-598-1
SECUNIA: 29573
SECUNIA: 29603
SECUNIA: 29655
FEDORA: FEDORA-2008-2131
FEDORA: FEDORA-2008-2897
SECUNIA: 29750
VUPEN: ADV-2008-0921
VUPEN: ADV-2008-0924
OVAL: oval:org.mitre.oval:de...