{"id":"CVE-2010-2941","details":"ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.","modified":"2026-01-27T04:10:24.004971Z","published":"2010-11-05T17:00:01Z","withdrawn":"2026-01-27T04:10:24.004971Z","related":["openSUSE-SU-2024:10075-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2010-0811.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/42287"},{"type":"ADVISORY","url":"http://secunia.com/advisories/42867"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43521"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-201207-10.xml"},{"type":"WEB","url":"http://securitytracker.com/id?1024662"},{"type":"ARTICLE","url":"http://www.debian.org/security/2011/dsa-2176"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:232"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:233"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:234"},{"type":"WEB","url":"http://www.securityfocus.com/bid/44530"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1012-1"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2856"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/3042"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/3088"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0061"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0535"},{"type":"ADVISORY","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/62882"},{"type":"ARTICLE","url":"http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"},{"type":"ARTICLE","url":"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html"},{"type":"ARTICLE","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=624438"},{"type":"WEB","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323"},{"type":"WEB","url":"http://support.apple.com/kb/HT4435"},{"type":"WEB","url":"http://www.osvdb.org/68951"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2010-0866.html"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}