VDB

CVE-2023-34095

CVE-2023-34095 PUBLISHED CVSS 9.800000190734863 CRITICAL

cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions.

EPSS 0.42% · 62.3th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.42%
62.3th percentile

Affected Products

VendorProductVersions
OpenPrintingcpdb-libs>= 1.0, <= 2.0b4, *
openprintingcpdb-libs1.0, 2.0, 2.0

Exploit Intelligence

Timeline

  • Jun 14, 2023 CVE Published
  • Jun 15, 2023 EPSS Score
  • Jul 21, 2023 EPSS Score
  • Aug 25, 2023 EPSS Score
  • Nov 4, 2023 EPSS Score
  • Dec 10, 2023 EPSS Score
  • Jan 14, 2024 EPSS Score
  • Feb 19, 2024 EPSS Score
  • Mar 25, 2024 EPSS Score
  • Apr 30, 2024 EPSS Score
  • Jul 10, 2024 EPSS Score
  • Aug 14, 2024 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›