Short Name |
APP:CUPS:TEXTTOPS-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Apple CUPS Text-to-PostScript Filter Integer Overflow |
Release Date |
2011/07/26 |
Update Number |
1961 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Apple CUPS Text-to-PostScript texttops Filter. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers. Remote attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local attackers may also exploit these vulnerabilities to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system. These issues affect versions prior to CUPS 1.3.9.