CVE-2008-0047
cupsys - multiple vulnerabilities
EPSS 25.3%
Description
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions.
How to fix CVE-2008-0047
To remediate CVE-2008-0047, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.3.6-3 or later
- Debian/cupsys—upgrade to 1.2.7-4etch3 or later
Is CVE-2008-0047 being exploited?
Moderate — EPSS is 25.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.3.6-3
- from 0, < 1.2.7-4etch3