|
From cups-libs from 1.1.23-21.6 to 1.1.23-21.16.
21.8:
By keeping a partially negotiated SSL connection open an
attacker could prevent the cups server from accepting other
requests (CVE-2007-0720).
21.10:
The previous cups update (CVE-2007-0720) was incomplete and
could lead to cupsd crashing.
21.12:
A buffer overflow in the xpdf code contained in cups could
be exploited by attackers to potentially execute arbitrary
code (CVE-2007-3387).
21.14:
A missing length check in the IPP implementation of cups
could lead to a buffer overflow. Attackers could exploit
that to potentially execute arbitrary code with root
privileges (CVE-2007-4351).
21.16:
A buffer overflow in the xpdf code contained in cups could be
exploited by attackers to potentially execute arbitrary code
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393).
|