Two heap-based buffer overflow flaws were found in the urftopdf filter. If a malicious URF file were processed, it could lead to arbitrary code execution with the privileges of the "lp" user. Acknowledgements: These issues were discovered by Florian Weimer of the Red Hat Product Security Team.
Public via: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7175 This issue has been resolved in upstream cups-filters-1.0.47
Created cups-filters tracking bugs for this issue: Affects: fedora-all [bug 1074840]