|
|
| |
|
| |
cups: several vulnerabilities
| Package(s): | cups |
CVE #(s): | CVE-2008-3639
CVE-2008-3640
CVE-2008-3641
|
| Created: | October 10, 2008 |
Updated: | February 20, 2009 |
| Description: |
From the Red Hat advisory:
A buffer overflow flaw was discovered in the SGI image format decoding
routines used by the CUPS image converting filter "imagetops". An attacker
could create a malicious SGI image file that could, possibly, execute
arbitrary code as the "lp" user if the file was printed. (CVE-2008-3639)
An integer overflow flaw leading to a heap buffer overflow was discovered
in the Text-to-PostScript "texttops" filter. An attacker could create a
malicious text file that could, possibly, execute arbitrary code as the
"lp" user if the file was printed. (CVE-2008-3640)
An insufficient buffer bounds checking flaw was discovered in the
HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a
malicious HP-GL/2 file that could, possibly, execute arbitrary code as the
"lp" user if the file was printed. (CVE-2008-3641)
|
| Alerts: |
|
( Log in to post comments)
|
|
|