CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1383

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile31.97th
PublishedDec 26, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun.

Affected Platforms (CPE)

πŸ“¦
Easy Software Products

Cups

= 1.0.4
πŸ“¦
Easy Software Products

Cups

= 1.0.4_8
πŸ“¦
Easy Software Products

Cups

= 1.1.1
πŸ“¦
Easy Software Products

Cups

= 1.1.4
πŸ“¦
Easy Software Products

Cups

= 1.1.4_2
πŸ“¦
Easy Software Products

Cups

= 1.1.4_3
πŸ“¦
Easy Software Products

Cups

= 1.1.4_5
πŸ“¦
Easy Software Products

Cups

= 1.1.6
πŸ“¦
Easy Software Products

Cups

= 1.1.7
πŸ“¦
Easy Software Products

Cups

= 1.1.10
πŸ“¦
Easy Software Products

Cups

= 1.1.13
πŸ“¦
Easy Software Products

Cups

= 1.1.14
πŸ“¦
Easy Software Products

Cups

= 1.1.17
πŸ’»
Apple

Mac Os X

= 10.2
πŸ’»
Apple

Mac Os X

= 10.2.2

References & Advisories

πŸ”— ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt
πŸ”— http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
πŸ”— http://marc.info/?l=bugtraq&m=104032149026670&w=2
πŸ”— http://secunia.com/advisories/7756/
πŸ”— http://secunia.com/advisories/7794
πŸ”— http://secunia.com/advisories/7803
πŸ”— http://secunia.com/advisories/7843
πŸ”— http://secunia.com/advisories/7858

Related Vulnerabilities

CVE-2002-136710.0

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a cert...

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...

CVE-2001-019410.0

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

CVE-2004-088810.0

Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow r...