ID CVE-2015-3279
Summary Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.25:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.27:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.28:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.29:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.29:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.30:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.31:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.31:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.32:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.33:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.33:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.34:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.35:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.36:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.36:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.37:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.38:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.38:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.39:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.40:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.41:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.41:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 28-12-2016 - 02:59)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1238990
title CVE-2015-3279 cups-filters: texttopdf integer overflow
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment cups-filters is earlier than 0:1.0.35-21.el7
        oval oval:com.redhat.rhsa:tst:20152360009
      • comment cups-filters is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141795006
    • AND
      • comment cups-filters-devel is earlier than 0:1.0.35-21.el7
        oval oval:com.redhat.rhsa:tst:20152360005
      • comment cups-filters-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141795008
    • AND
      • comment cups-filters-libs is earlier than 0:1.0.35-21.el7
        oval oval:com.redhat.rhsa:tst:20152360007
      • comment cups-filters-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141795010
rhsa
id RHSA-2015:2360
released 2015-11-19
severity Moderate
title RHSA-2015:2360: cups-filters security, bug fix, and enhancement update (Moderate)
rpms
  • cups-filters-0:1.0.35-21.el7
  • cups-filters-devel-0:1.0.35-21.el7
  • cups-filters-libs-0:1.0.35-21.el7
refmap via4
bid 75557
confirm
debian DSA-3303
gentoo GLSA-201510-08
mlist [oss-security] 20150703 Re: CVE-2015-3258 CVE-2015-3279 cups-filters
suse openSUSE-SU-2015:1244
ubuntu USN-2659-1
Last major update 28-12-2016 - 02:59
Published 14-07-2015 - 16:59
Back to Top