A heap-based buffer overflow flaw was found in the pdftoopvp filter. If a malicious PDF file were processed, it could lead to arbitrary code execution with the privileges of the "lp" user. This issue was due to the following fix not being present in pdftoopvp:
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
This issue has been resolved in upstream cups-filters-1.0.47
Created cups-filters tracking bugs for this issue:
Affects: fedora-all [bug 1074840]