This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-28 14:09:37 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
30cea6be-1d0c-11d9-814e-0001020eed82 | CUPS -- local information disclosure Certain methods of authenticated remote printing in CUPS can disclose user names and passwords in the log files. A workaround for this problem is to set more strict access permissions on the CUPS logfiles. Discovery 2004-09-23 Entry 2004-10-13 cups-base < 1.1.22 http://docs.info.apple.com/article.html?artnum=61798 http://secunia.com/advisories/12690/ http://www.cups.org/str.php?L920 CVE-2004-0923 557062 |
87106b67-be13-11dd-a578-0030843d3802 | cups -- potential buffer overflow in PNG reading code CUPS reports:
Discovery 2008-10-17 Entry 2008-11-29 Modified 2008-12-25 cups-base < 1.3.9_2 CVE-2008-5286 http://www.cups.org/str.php?L2974 http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt http://www.openwall.com/lists/oss-security/2008/11/25/2 |
a40ec970-0efa-11e5-90e4-d050996490d0 | cups -- multiple vulnerabilities CUPS development team reports:
Discovery 2015-06-09 Entry 2015-06-09 cups-base < 2.0.3 CVE-2015-1158 CVE-2015-1159 https://cups.org/blog.php?L1082 https://www.kb.cert.org/vuls/id/810572 |
24eee285-09c7-11da-bc08-0001020eed82 | xpdf -- disk fill DoS vulnerability xpdf is vulnerable to a denial of service vulnerability which can cause xpdf to create an infinitely large file, thereby filling up the /tmp partition, when opening a specially crafted PDF file. Note that several applications contains an embedded version of xpdf, therefor making them the vulnerable to the same DoS. In CUPS this vulnerability would cause the pdftops filter to crash. Discovery 2005-08-09 Entry 2005-08-12 Modified 2005-09-07 xpdf < 3.00_7 kdegraphics < 3.4.2 gpdf < 2.10.0_2 cups-base < 1.1.23.0_5 14529 CVE-2005-2097 http://rhn.redhat.com/errata/RHSA-2005-670.html http://www.kde.org/info/security/advisory-20050809-1.txt |
f755545e-6fcd-11d9-abec-00061bd2d56f | xpdf -- makeFileKey2() buffer overflow vulnerability An iDEFENSE Security Advisory reports:
Discovery 2005-01-06 Entry 2005-01-26 Modified 2005-02-03 xpdf < 3.00_6 kdegraphics < 3.3.2_2 gpdf < 2.8.3 teTeX-base < 2.0.2_9 cups-base < 1.1.23.0_3 koffice < 1.3.5_2,1 pdftohtml < 0.36_2 CVE-2005-0064 http://marc.theaimsgroup.com/?l=bugtraq&m=110608898221554 http://www.koffice.org/security/advisory-20050120-1.txt |
e3e266e9-5473-11d9-a9e7-0001020eed82 | xpdf -- buffer overflow vulnerability An iDEFENSE Security Advisory reports:
Discovery 2004-11-23 Entry 2004-12-23 Modified 2005-01-13 xpdf < 3.00_5 kdegraphics < 3.3.2_1 gpdf le 2.8.1 teTeX-base le 2.0.2_6 cups-base le 1.1.22.0 koffice le 1.3.5,1 pdftohtml < 0.36_1 CVE-2004-1125 http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities |
ad2f3337-26bf-11d9-9289-000c41e2cdad | xpdf -- integer overflow vulnerabilities Chris Evans discovered several integer arithmetic overflows in the xpdf 2 and xpdf 3 code bases. The flaws have impacts ranging from denial-of-service to arbitrary code execution. Discovery 2004-10-21 Entry 2004-10-25 gpdf cups-base < 1.1.22.0 xpdf < 3.00_4 kdegraphics < 3.3.0_1 koffice < 1.3.2_1,1 teTeX-base < 2.0.2_4 CVE-2004-0888 CVE-2004-0889 http://scary.beasts.org/security/CESA-2004-002.txt http://scary.beasts.org/security/CESA-2004-007.txt http://www.kde.org/info/security/advisory-20041021-1.txt |
05dcf751-0733-11d9-b45d-000c41e2cdad | cups -- print queue browser denial-of-service If the CUPS server (cupsd) receives a zero-length UDP message, it will disable its print queue browser service. Discovery 2004-08-23 Entry 2004-09-15 cups-base < 1.1.21 CVE-2004-0558 http://www.cups.org/str.php?L863 |
0e43a14d-3f3f-11dc-a79a-0016179b2dd5 | xpdf -- stack based buffer overflow The KDE Team reports:
Discovery 2007-07-30 Entry 2007-07-31 Modified 2009-04-29 xpdf < 3.02_2 kdegraphics < 3.5.7_1 cups-base < 1.2.11_3 gpdf gt 0 pdftohtml < 0.39_3 poppler < 0.5.9_4 25124 CVE-2007-3387 http://www.kde.org/info/security/advisory-20070730-1.txt |
2747fc39-915b-11dc-9239-001c2514716c | xpdf -- multiple remote Stream.CC vulnerabilities Secunia Research reports:
Discovery 2007-11-07 Entry 2007-11-12 Modified 2007-11-14 cups-base < 1.3.3_2 gpdf gt 0 kdegraphics < 3.5.8_1 koffice < 1.6.3_3,2 poppler < 0.6 xpdf < 3.02_5 26367 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 |
8dd9722c-8e97-11dc-b8f6-001c2514716c | cups -- off-by-one buffer overflow Secunia reports:
Discovery 2007-11-06 Entry 2007-11-09 Modified 2007-11-12 cups-base < 1.3.3_1 CVE-2007-4351 http://secunia.com/secunia_research/2007-76/ |
39988ee8-1918-11dc-b6bd-0016179b2dd5 | cups -- Incomplete SSL Negotiation Denial of Service Secunia reports:
Discovery 2007-05-05 Entry 2007-06-12 cups-base < 1.2.11 http://secunia.com/advisories/24517/ http://security.gentoo.org/glsa/glsa-200703-28.xml CVE-2007-0720 |
ce29ce1d-971a-11dd-ab7e-001c2514716c | cups -- multiple vulnerabilities The release note of cups 1.3.9 reports:
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service. Discovery 2008-10-09 Entry 2008-10-10 cups-base < 1.3.9 CVE-2008-3639 CVE-2008-3640 CVE-2008-3641 |
736e55bc-39bb-11de-a493-001b77d09812 | cups -- remote code execution and DNS rebinding Gentoo security team summarizes:
Discovery 2009-05-05 Entry 2009-05-07 Modified 2009-05-13 cups-base < 1.3.10 34571 34665 34568 CVE-2009-0163 CVE-2009-0164 CVE-2009-0146 CVE-2009-0147 CVE-2009-0166 http://www.cups.org/articles.php?L582 |
40a3bca2-6809-11d9-a9e7-0001020eed82 | cups-base -- HPGL buffer overflow vulnerability Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL file. Discovery 2004-12-15 Entry 2005-01-17 cups-base fr-cups-base < 1.1.22.0_2 11968 CVE-2004-1267 http://tigger.uic.edu/~jlongs2/holes/cups.txt http://www.cups.org/str.php?L1024 |