What is the severity of CVE-2002-1384?

CVE-2002-1384 has a high severity rating due to its potential to allow local users to execute arbitrary code.

How do I fix CVE-2002-1384?

To fix CVE-2002-1384, update CUPS or Xpdf to the latest versions that have patched this vulnerability.

Which versions of software are affected by CVE-2002-1384?

CVE-2002-1384 affects CUPS versions prior to 1.1.18 and Xpdf versions prior to 2.01.

Can CVE-2002-1384 be exploited remotely?

No, CVE-2002-1384 is a local vulnerability that requires access to the system to exploit.

What type of vulnerability is CVE-2002-1384?

CVE-2002-1384 is an integer overflow vulnerability that can lead to arbitrary code execution.

Vulnerability/
CVE-2002-1384

high

7.2

CWE

NVD-CWE-Other 190

2/1/2003

1/9/2004

8/8/2024

CVE-2002-1384: Integer Overflow

First published: Thu Jan 02 2003(Updated: )

Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
CUPS (Common UNIX Printing System)	=1.0.4
CUPS (Common UNIX Printing System)	=1.0.4_8
CUPS (Common UNIX Printing System)	=1.1.1
CUPS (Common UNIX Printing System)	=1.1.4
CUPS (Common UNIX Printing System)	=1.1.4_2
CUPS (Common UNIX Printing System)	=1.1.4_3
CUPS (Common UNIX Printing System)	=1.1.4_5
CUPS (Common UNIX Printing System)	=1.1.6
CUPS (Common UNIX Printing System)	=1.1.7
CUPS (Common UNIX Printing System)	=1.1.10
CUPS (Common UNIX Printing System)	=1.1.13
CUPS (Common UNIX Printing System)	=1.1.14
CUPS (Common UNIX Printing System)	=1.1.17
Xpdf	=0.90
Xpdf	=0.91
Xpdf	=1.0
Xpdf	=1.0a
Xpdf	=1.1
Xpdf	=2.0
Xpdf	=2.1

Remedy

http://www.idefense.com/advisory/12.23.02.txt

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-1384?
CVE-2002-1384 has a high severity rating due to its potential to allow local users to execute arbitrary code.
How do I fix CVE-2002-1384?
To fix CVE-2002-1384, update CUPS or Xpdf to the latest versions that have patched this vulnerability.
Which versions of software are affected by CVE-2002-1384?
CVE-2002-1384 affects CUPS versions prior to 1.1.18 and Xpdf versions prior to 2.01.
Can CVE-2002-1384 be exploited remotely?
No, CVE-2002-1384 is a local vulnerability that requires access to the system to exploit.
What type of vulnerability is CVE-2002-1384?
CVE-2002-1384 is an integer overflow vulnerability that can lead to arbitrary code execution.

agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/remedy
agent/author
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/easy software products
canonical/cups (common unix printing system)
version/cups (common unix printing system)/1.0.4
version/cups (common unix printing system)/1.0.4_8
version/cups (common unix printing system)/1.1.1
version/cups (common unix printing system)/1.1.4
version/cups (common unix printing system)/1.1.4_2
version/cups (common unix printing system)/1.1.4_3
version/cups (common unix printing system)/1.1.4_5
version/cups (common unix printing system)/1.1.6
version/cups (common unix printing system)/1.1.7
version/cups (common unix printing system)/1.1.10
version/cups (common unix printing system)/1.1.13
version/cups (common unix printing system)/1.1.14
version/cups (common unix printing system)/1.1.17
vendor/xpdf
canonical/xpdf
version/xpdf/0.90
version/xpdf/0.91
version/xpdf/1.0
version/xpdf/1.0a
version/xpdf/1.1
version/xpdf/2.0
version/xpdf/2.1