PublicDate: 2007-12-19 21:46:00 UTC
Candidate: CVE-2007-5849
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849
 https://ubuntu.com/security/notices/USN-563-1
Description:
 Integer underflow in the asn1_get_string function in the SNMP back end
 (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to
 execute arbitrary code via a crafted SNMP response that triggers a
 stack-based buffer overflow.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: kees
CVSS: 
upstream_cupsys: released (1.3.5-1)
dapper_cupsys: released (1.2.2-0ubuntu0.6.06.6)
edgy_cupsys: released (1.2.4-2ubuntu3.2)
feisty_cupsys: released (1.2.8-0ubuntu8.2)
gutsy_cupsys: released (1.3.2-1ubuntu7.3)
devel_cupsys: not-affected