CVE-2002-1384

Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.

Published: Jan 2, 2003
Updated: Apr 13, 2023
CVE: CVE-2002-1384
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
xpdf / xpdf	2.0	2.0.x
easy_software_products / cups	1.1.10	1.1.10.x
xpdf / xpdf	1.0	1.0.x
easy_software_products / cups	1.1.7	1.1.7.x
xpdf / xpdf	0.91	0.91.x
easy_software_products / cups	1.0.4_8	1.0.4_8.x
easy_software_products / cups	1.1.13	1.1.13.x
xpdf / xpdf	1.0a	1.0a.x
easy_software_products / cups	1.1.17	1.1.17.x
easy_software_products / cups	1.1.4_3	1.1.4_3.x
easy_software_products / cups	1.1.4	1.1.4.x
xpdf / xpdf	2.1	2.1.x
xpdf / xpdf	0.90	0.90.x
easy_software_products / cups	1.1.4_5	1.1.4_5.x
easy_software_products / cups	1.1.1	1.1.1.x
easy_software_products / cups	1.0.4	1.0.4.x
easy_software_products / cups	1.1.14	1.1.14.x
easy_software_products / cups	1.1.4_2	1.1.4_2.x
xpdf / xpdf	1.1	1.1.x
easy_software_products / cups	1.1.6	1.1.6.x

Vulnerability Database

289,599

CVE-2002-1384