CVE-2004-1267
NONE EPSS 92.7%
Published Jan 10, 200521y ago · Modified Jun 16, 20262w ago
Published Jan 10, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
Threat Intelligence
EPSS Exploit Probability
92.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 24
| Vendor | Product | Version | Range |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | any |
| easy_software_products | cups | 1.0.4_8 | any |
| easy_software_products | cups | 1.1.1 | any |
| easy_software_products | cups | 1.1.4 | any |
| easy_software_products | cups | 1.1.4_2 | any |
| easy_software_products | cups | 1.1.4_3 | any |
| easy_software_products | cups | 1.1.4_5 | any |
| easy_software_products | cups | 1.1.6 | any |
| easy_software_products | cups | 1.1.7 | any |
| easy_software_products | cups | 1.1.10 | any |
| easy_software_products | cups | 1.1.12 | any |
| easy_software_products | cups | 1.1.13 | any |
| easy_software_products | cups | 1.1.14 | any |
| easy_software_products | cups | 1.1.15 | any |
| easy_software_products | cups | 1.1.16 | any |
| easy_software_products | cups | 1.1.17 | any |
| easy_software_products | cups | 1.1.18 | any |
| easy_software_products | cups | 1.1.19 | any |
| easy_software_products | cups | 1.1.19_rc5 | any |
| easy_software_products | cups | 1.1.20 | any |
| easy_software_products | cups | 1.1.21 | any |
| easy_software_products | cups | 1.1.22_rc1 | any |
| redhat | fedora_core | core_2.0 | any |
| redhat | fedora_core | core_3.0 | any |
References 8
- tigger.uic.edu http://tigger.uic.edu/~jlongs2/holes/cups.txt
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:008
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-013.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-053.html
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/18604
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620
- usn.ubuntu.com https://usn.ubuntu.com/50-1/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.