CVE-2007-5849

Name of the Vulnerable Software and Affected Versions: CUPS versions 1.2 through 1.3.4 cups prior to version 1.3.5

Description: The issue is related to an integer underflow in the asn1 get string function in the SNMP back end, which can be exploited by remote attackers to execute arbitrary code via a crafted SNMP response, triggering a stack-based buffer overflow. Multiple vulnerabilities in the cups package can lead to breaches of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations: For CUPS versions 1.2 through 1.3.4, update to version 1.3.5 or later to resolve the issue. For cups prior to version 1.3.5, update to version 1.3.5 or later to resolve the issue.