CVE-2023-34095 — CRITICAL (9.8)

Q: How severe is CVE-2023-34095?

CVE-2023-34095 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2023-34095?

Check the references section above for vendor advisories and patch information. Affected products include: Openprinting Cpdb-Libs.

Vulnerability Description

cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Openprinting	Cpdb-Libs	>= 1.0, < 2.0

Related Weaknesses (CWE)

CWE-121 CWE-787

References

http://www.openwall.com/lists/oss-security/2023/06/14/7ExploitMailing ListThird Party Advisory
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/commit/f181bd1f14757c2ae0f17cc76dc2042Patch
https://github.com/OpenPrinting/cpdb-libs/security/advisories/GHSA-25j7-9gfc-f46ExploitVendor Advisory
http://www.openwall.com/lists/oss-security/2023/06/14/7ExploitMailing ListThird Party Advisory
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cProduct
https://github.com/OpenPrinting/cpdb-libs/commit/f181bd1f14757c2ae0f17cc76dc2042Patch
https://github.com/OpenPrinting/cpdb-libs/security/advisories/GHSA-25j7-9gfc-f46ExploitVendor Advisory

FAQ

What is CVE-2023-34095?

CVE-2023-34095 is a vulnerability with a CVSS score of 9.8 (CRITICAL). cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of...

How severe is CVE-2023-34095?

CVE-2023-34095 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-34095?

Check the references section above for vendor advisories and patch information. Affected products include: Openprinting Cpdb-Libs.