CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1369

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1440%
EPSS Percentile23.49th
PublishedDec 26, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

Affected Platforms (CPE)

πŸ“¦
Easy Software Products

Cups

= 1.0.4
πŸ“¦
Easy Software Products

Cups

= 1.0.4_8
πŸ“¦
Easy Software Products

Cups

= 1.1.1
πŸ“¦
Easy Software Products

Cups

= 1.1.4
πŸ“¦
Easy Software Products

Cups

= 1.1.4_2
πŸ“¦
Easy Software Products

Cups

= 1.1.4_3
πŸ“¦
Easy Software Products

Cups

= 1.1.4_5
πŸ“¦
Easy Software Products

Cups

= 1.1.6
πŸ“¦
Easy Software Products

Cups

= 1.1.7
πŸ“¦
Easy Software Products

Cups

= 1.1.10
πŸ“¦
Easy Software Products

Cups

= 1.1.13
πŸ“¦
Easy Software Products

Cups

= 1.1.14
πŸ“¦
Easy Software Products

Cups

= 1.1.17
πŸ’»
Apple

Mac Os X

= 10.2
πŸ’»
Apple

Mac Os X

= 10.2.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702
πŸ”— http://marc.info/?l=bugtraq&m=104032149026670&w=2
πŸ”— http://www.debian.org/security/2003/dsa-232
πŸ”— http://www.idefense.com/advisory/12.19.02.txt
πŸ”— http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
πŸ”— http://www.novell.com/linux/security/advisories/2003_002_cups.html
πŸ”— http://www.redhat.com/support/errata/RHSA-2002-295.html

Related Vulnerabilities

CVE-2002-136710.0

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a cert...

CVE-2002-138310.0

Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary...

CVE-2001-019410.0

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

CVE-2004-088810.0

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow r...