Launchpad CVE tracker

CVE 2013-6475

Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.

Related bugs and status

CVE-2013-6475 (Candidate) is related to these bugs:

Bug #1178172: cups does not start when avahi-daemon is not installed

Summary				In	Importance	Status
	1178172	cups does not start when avahi-daemon is not installed		cups (Ubuntu)	Undecided	Fix Released
	1178172	cups does not start when avahi-daemon is not installed		cups-filters (Ubuntu)	Undecided	Fix Released

Bug #1242185: [regression] cups-daemon hard-depends on avahi-daemon

		In	Importance	Status
1242185	[regression] cups-daemon hard-depends on avahi-daemon	cups (Ubuntu)	Undecided	Fix Released
1242185	[regression] cups-daemon hard-depends on avahi-daemon	upstart (Ubuntu)	High	Confirmed
1242185	[regression] cups-daemon hard-depends on avahi-daemon	cups-filters (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-6475

References