CVE-2023-4504

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Sep 21, 2023

Updated: Nov 9, 2023

CWE ID 122

CWE ID 787

Summary

CVE-2023-4504 is a vulnerability affecting CUPS (Common Unix Printing System) and libppd, where a heap-based buffer overflow can occur due to insufficient validation of data from maliciously crafted PPD (PostScript Printer Description) files. This flaw, if exploited successfully, may lead to arbitrary code execution. The vulnerability was addressed in CUPS version 2.4.7, which was released in September 2023.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

OpenPrinting CUPS
Fedora Operating System
Debian

Affected Vendors

Debian
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sb50of
https://www.cve.org/CVERecord?id=CVE-2023-4504
https://nvd.nist.gov/vuln/detail/CVE-2023-4504

Back to Vulnerability Database