|
|
| |
|
| |
cups: arbitrary code execution
| Package(s): | cups |
CVE #(s): | CVE-2008-1722
|
| Created: | April 21, 2008 |
Updated: | December 22, 2008 |
| Description: |
From the Gentoo advisory:
Thomas Pollet reported a possible integer overflow vulnerability in the
PNG image handling in the file filter/image-png.c.
A malicious user might be able to execute arbitrary code with the
privileges of the user running CUPS (usually lp), or cause a Denial of
Service by sending a specially crafted PNG image to the print server.
The vulnerability is exploitable via the network if CUPS is sharing
printers remotely.
|
| Alerts: |
|
( Log in to post comments)
|
|
|