CVE-2002-1368

Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negative Content-Length value or (2) a negative length in a chunked transfer encoding.

Published: Dec 26, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1368
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
easy_software_products / cups	1.1.10	1.1.10.x
easy_software_products / cups	1.1.7	1.1.7.x
easy_software_products / cups	1.0.4_8	1.0.4_8.x
easy_software_products / cups	1.1.13	1.1.13.x
easy_software_products / cups	1.1.17	1.1.17.x
easy_software_products / cups	1.1.4_3	1.1.4_3.x
easy_software_products / cups	1.1.4	1.1.4.x
easy_software_products / cups	1.1.4_5	1.1.4_5.x
easy_software_products / cups	1.1.1	1.1.1.x
easy_software_products / cups	1.0.4	1.0.4.x
easy_software_products / cups	1.1.14	1.1.14.x
easy_software_products / cups	1.1.4_2	1.1.4_2.x
easy_software_products / cups	1.1.6	1.1.6.x
apple / mac_os_x	10.2.2	10.2.2.x
apple / mac_os_x	10.2	10.2.x

Vulnerability Database

289,599

CVE-2002-1368