CVE-2009-3553

HIGHCVSS 7.5

7.5

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information.

🔗 References (44)

secalert@redhathttp://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
secalert@redhathttp://secunia.com/advisories/37360
secalert@redhathttp://secunia.com/advisories/37364
secalert@redhathttp://secunia.com/advisories/38241
secalert@redhathttp://secunia.com/advisories/43521
secalert@redhathttp://security.gentoo.org/glsa/glsa-201207-10.xml
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1
secalert@redhathttp://support.apple.com/kb/HT4004
secalert@redhathttp://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs
secalert@redhathttp://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs
secalert@redhathttp://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs
secalert@redhathttp://www.cups.org/str.php?L3200
secalert@redhathttp://www.debian.org/security/2011/dsa-2176
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2010:073
secalert@redhathttp://www.redhat.com/support/errata/RHSA-2009-1595.html

Is Your Infrastructure Affected by CVE-2009-3553?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3553

📅 Published

🔄 Last Modified

🔗 References (44)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3553?