Buffer Overflow

Affecting cups package, versions <1.7.5-11+deb8u8

Report new vulnerabilities
Do your applications use this vulnerable package? Test your applications

NVD Description

Note: Versions mentioned in the description apply to the upstream cups package. See Remediation section below for Debian:8 relevant versions.

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.

Remediation

Upgrade Debian:8 cups to version 1.7.5-11+deb8u8 or higher.

References

CVSS Score

3.3
low severity
  • Attack Vector
    Local
  • Attack Complexity
    Low
  • Privileges Required
    None
  • User Interaction
    Required
  • Scope
    Unchanged
  • Confidentiality
    None
  • Integrity
    Low
  • Availability
    None
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE
CVE-2019-8842
CWE
CWE-120
Snyk ID
SNYK-DEBIAN8-CUPS-567468
Disclosed
27 Oct, 2020
Published
25 Apr, 2020