CVE-2002-1368

Name of the Vulnerable Software and Affected Versions CUPS versions 1.1.14 through 1.1.17

Description The issue concerns multiple vulnerabilities in the CUPS package that can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, the Common Unix Printing System (CUPS) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with a negative Content-Length value or a negative length in a chunked transfer encoding.

Recommendations For CUPS versions 1.1.14 through 1.1.17, update to a version outside of this range to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.