CVE-2008-3640 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-3640
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3640

Description: Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/45790 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-656-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 ST 1021034 SAID Secunia Advisory: SA32292 Secunia Advisory: SA32284 Secunia Advisory: SA32316 Secunia Advisory: SA33111 Secunia Advisory: SA32084 Secunia Advisory: SA32226 Secunia Advisory: SA33085 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0937.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1656 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm http://www.cups.org/articles.php?L575 http://www.cups.org/str.php?L2919 BID 31690

Return to the previous page.