The MITRE CVE dictionary describes this issue as:
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.
Find out more about CVE-2007-4351 from the
MITRE CVE dictionary dictionary and
Vulnerable. This issue affected the CUPS packages in Red Hat Enterprise Linux 5.
This issue also affected the versions of CUPS packages in Red Hat Enterprise Linux 3 and 4, but exploitation would only lead to a possible denial of service. Updates are available from
Red Hat Security Errata
|Red Hat Enterprise Linux version 3 (cups)
|Red Hat Enterprise Linux version 5 (cups)
|Red Hat Enterprise Linux version 4 (cups)
Red Hat would like to thank Alin Rad Pop for reporting this issue.