CVE-2010-0302
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553.Enginsight
Vendor | Product | Version |
---|---|---|
apple | cups | 𝑥 < 1.4.4 |
apple | mac_os_x | 𝑥 < 10.5.8 |
apple | mac_os_x | 10.6.0 ≤ 𝑥 < 10.6.4 |
apple | mac_os_x_server | 𝑥 < 10.5.8 |
apple | mac_os_x_server | 10.6.0 ≤ 𝑥 < 10.6.4 |
canonical | ubuntu_linux | 6.06 |
canonical | ubuntu_linux | 8.04 |
canonical | ubuntu_linux | 8.10 |
canonical | ubuntu_linux | 9.04 |
canonical | ubuntu_linux | 9.10 |
redhat | enterprise_linux | 5.0 |
redhat | enterprise_linux_desktop | 5.0 |
redhat | enterprise_linux_eus | 5.4 |
redhat | enterprise_linux_server | 5.0 |
redhat | enterprise_linux_workstation | 5.0 |
Debian Releases
Ubuntu Releases
Common Weakness Enumeration