CVE-2008-1374 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 84%

Affected Products (NVD)

Vendor	Product	Version
apple	cups	𝑥 ≤ 1.3.11

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

cups

bookworm	2.4.2-3+deb12u7 fixed
bookworm (security)	2.4.2-3+deb12u8 fixed
bullseye	2.3.3op2-3+deb11u8 fixed
bullseye (security)	2.3.3op2-3+deb11u9 fixed
sid	2.4.10-2 fixed
trixie	2.4.10-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

cupsys

dapper	not-affected
edgy	not-affected
feisty	not-affected
gutsy	not-affected

Common Weakness Enumeration

CWE-190 - Integer Overflow or Wraparound
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

References

http://secunia.com/advisories/29630

http://secunia.com/advisories/31388

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245

http://www.redhat.com/support/errata/RHSA-2008-0206.html

http://www.securityfocus.com/archive/1/495164/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/41758

https://issues.rpath.com/browse/RPL-2390

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636

http://secunia.com/advisories/29630

http://secunia.com/advisories/31388

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0245

http://www.redhat.com/support/errata/RHSA-2008-0206.html

http://www.securityfocus.com/archive/1/495164/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/41758

https://issues.rpath.com/browse/RPL-2390

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9636