Mandriva Linux Security Advisory - A flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash.
12147b573472bdc8bd17888a443b482c258f574cbe5f9670b1dc12fc05b1a2f6
Mandriva Linux Security Advisory - Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and earlier could allow local admin users to execute arbitrary code via a crafted URI to the CUPS service. The Red Hat Security Team also found two flaws in CUPS 1.1.x where a malicious user on the local subnet could send a set of carefully crafted IPP packets to the UDP port in such a way as to cause CUPS to crash or consume memory and lead to a CUPS crash. Finally, another flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash.
a649ed2550f2724a2be3856c2b5d7185726ab19f41cbc7efcef59a823da612a9