Vulnerability & Exploit Database

Back to search

RHSA-2008:0937: cups security update

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) October 10, 2008 February 22, 2009 July 04, 2017

Description

The Common UNIX Printing System (CUPS) provides a portable printing layerfor UNIX(R) operating systems.A buffer overflow flaw was discovered in the SGI image format decodingroutines used by the CUPS image converting filter "imagetops". An attackercould create a malicious SGI image file that could, possibly, executearbitrary code as the "lp" user if the file was printed. (CVE-2008-3639)An integer overflow flaw leading to a heap buffer overflow was discoveredin the Text-to-PostScript "texttops" filter. An attacker could create amalicious text file that could, possibly, execute arbitrary code as the"lp" user if the file was printed. (CVE-2008-3640)An insufficient buffer bounds checking flaw was discovered in theHP-GL/2-to-PostScript "hpgltops" filter. An attacker could create amalicious HP-GL/2 file that could, possibly, execute arbitrary code as the"lp" user if the file was printed. (CVE-2008-3641)Red Hat would like to thank regenrecht for reporting these issues.All CUPS users are advised to upgrade to these updated packages, whichcontain backported patches to resolve these issues.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

redhat-upgrade-cups

Related Vulnerabilities