CVE-2008-3639 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-3639
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3639

Description: Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/45789 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-656-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 ST 1021033 SAID Secunia Advisory: SA32292 Secunia Advisory: SA32284 Secunia Advisory: SA32316 Secunia Advisory: SA33111 Secunia Advisory: SA32084 Secunia Advisory: SA32226 Secunia Advisory: SA33085 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0937.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1656 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm http://www.cups.org/articles.php?L575 http://www.cups.org/str.php?L2918 BID 31690

Return to the previous page.