CVE-2008-0882

EPSS 23.1%

cupsys - arbitrary code execution

Published: 2/21/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-0882

Description

Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.

Affected packages (2)

Debian/cupsfrom 0, < 1.3.6-1
Debian/cupsysfrom 0, < 1.3.5-1+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0882