Vulnerability Details : CVE-2010-0542
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Threat overview for CVE-2010-0542
Top countries where our scanners detected CVE-2010-0542
Top open port discovered on systems with this issue
631
IPs affected by CVE-2010-0542 5,347
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-0542!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-0542
Probability of exploitation activity in the next 30 days: 1.07%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0542
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2010-0542
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0542
-
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:023
-
http://www.debian.org/security/2011/dsa-2176
Debian -- Security Information -- DSA-2176-1 cups
-
https://bugzilla.redhat.com/show_bug.cgi?id=587746
587746 – (CVE-2010-0542) CVE-2010-0542 CUPS: texttops unchecked memory allocation failure leading to NULL pointer dereferencePatch
-
http://security.gentoo.org/glsa/glsa-201207-10.xml
CUPS: Multiple vulnerabilities (GLSA 201207-10) — Gentoo security
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365
Repository / Oval Repository
-
http://cups.org/articles.php?L596
Page Has Moved - CUPS.orgPatch
-
http://www.securityfocus.com/bid/40943
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
-
http://securitytracker.com/id?1024121
CUPS Null Pointer Dereference in 'texttops' Filter Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
mandriva.com
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
mandriva.com
-
http://www.vupen.com/english/advisories/2011/0535
Webmail | OVH- OVH
-
http://cups.org/strfiles/3516/str3516.patch
Page Has Moved - CUPS.orgPatch
-
http://cups.org/str.php?L3516
Missing malloc checks in texttops · Issue #3516 · apple/cups · GitHub
Products affected by CVE-2010-0542
- cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:cups:1.4.0:*:*:*:*:*:*:*