← Back

CVE-2005-2874

nvd nist
Published: Sep 13, 2005Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.

Affected (45)

Easy Software Products
1 product
Cups
Configuration A
45 vulnerable
Vulnerable SoftwareAffected Versions
Cups
Version 1.1.10
Cups
Version 1.1.10_1
Cups
Version 1.1.11
Cups
Version 1.1.12
Cups
Version 1.1.13
Cups
Version 1.1.14
Cups
Version 1.1.15
Cups
Version 1.1.16
Cups
Version 1.1.17
Cups
Version 1.1.18
Cups
Version 1.1.19
Cups
Version 1.1.19_rc1
Cups
Version 1.1.19_rc2
Cups
Version 1.1.19_rc3
Cups
Version 1.1.19_rc4
Cups
Version 1.1.19_rc5
Cups
Version 1.1.1
Cups
Version 1.1.20
Cups
Version 1.1.20_rc1
Cups
Version 1.1.20_rc2
Cups
Version 1.1.20_rc3
Cups
Version 1.1.20_rc4
Cups
Version 1.1.20_rc5
Cups
Version 1.1.20_rc6
Cups
Version 1.1.21
Cups
Version 1.1.21_rc1
Cups
Version 1.1.21_rc2
Cups
Version 1.1.22
Cups
Version 1.1.22_rc1
Cups
Version 1.1.22_rc2
Cups
Version 1.1.2
Cups
Version 1.1.3
Cups
Version 1.1.4
Cups
Version 1.1.5
Cups
Version 1.1.5_1
Cups
Version 1.1.5_2
Cups
Version 1.1.6
Cups
Version 1.1.6_1
Cups
Version 1.1.6_2
Cups
Version 1.1.6_3
Cups
Version 1.1.7
Cups
Version 1.1.8
Cups
Version 1.1.9
Cups
Version 1.1.9_1
Cups
Version 1.1

References (14)

Source: secalert@redhat.com
Source: secalert@redhat.com
ExploitPatchVendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
ExploitPatchVendor Advisory
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.