CVE-2014-9679
cups - security update
EPSS 5.9%
Description
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
How to fix CVE-2014-9679
To remediate CVE-2014-9679, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.7.5-11 or later
- Debian/cups—upgrade to 1.4.4-7+squeeze7 or later
- Debian/cups—upgrade to 1.5.3-5+deb7u5 or later
Is CVE-2014-9679 being exploited?
Moderate — EPSS is 5.9%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 1.7.5-11
- from 0, < 1.4.4-7+squeeze7
- from 0, < 1.5.3-5+deb7u5