CVE-2010-0302 cups Incomplete fix for CVE-2009-3553
It was discovered that the cups 1.3.7-11.el5_4.4 security update did not
fully correct the use-after-free flaw in the way CUPS handled references
in its file descriptors-handling interface. A remote attacker could send
specially-crafted queries to the CUPS server, causing it to crash.
(CVE-2010-0302)
After installing the update, the cupsd daemon will be restarted
automatically.