CVE-2008-5286

Severity

75%

Complexity

99%

Confidentiality

106%

Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.

Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Apple CUPS

First reported 16 years ago

2008-12-01 15:30:00

Last updated 7 years ago

2017-09-29 01:32:00

Affected Software

Apple CUPS 1.1.17

1.1.17

Apple CUPS 1.18

1.1.18

Apple CUPS 1.1.19

1.1.19

Apple CUPS 1.1.19 release candidate 1

1.1.19

Apple CUPS 1.1.19 release candidate 2

1.1.19

Apple CUPS 1.1.19 release candidate 3

1.1.19

Apple CUPS 1.1.19 release candidate 4

1.1.19

Apple CUPS 1.1.19 release candidate 5

1.1.19

Apple CUPS 1.1.20

1.1.20

Apple CUPS 1.1.20 release candidate 1

1.1.20

Apple CUPS 1.1.20 release candidate 2

1.1.20

Apple CUPS 1.1.20 release candidate 3

1.1.20

Apple CUPS 1.1.20 release candidate 4

1.1.20

Apple CUPS 1.1.20 release candidate 5

1.1.20

Apple CUPS 1.1.20 release candidate 6

1.1.20

Apple CUPS 1.1.21

1.1.21

Apple CUPS 1.1.21 release candidate 1

1.1.21

Apple CUPS 1.1.21 release candidate 2

1.1.21

Apple CUPS 1.1.22

1.1.22

Apple CUPS 1.1.22 release candidate 1

1.1.22

Apple CUPS 1.1.22 release candidate 2

1.1.22

Apple CUPS 1.1.23

1.1.23

Apple CUPS 1.1.23 release candidate 1

1.1.23

Apple CUPS 1.2 b1

1.2

Apple CUPS 1.2 b2

1.2

Apple CUPS 1.2 release candidate 1

1.2

Apple CUPS 1.2 release candidate 2

1.2

Apple CUPS 1.2 release candidate 3

1.2

Apple CUPS 1.2.0

1.2.0

Apple CUPS 1.2.1

1.2.1

Apple CUPS 1.2.2

1.2.2

Apple CUPS 1.2.3

1.2.3

Apple CUPS 1.2.4

1.2.4

Apple CUPS 1.2.5

1.2.5

Apple CUPS 1.2.6

1.2.6

Apple CUPS 1.2.7

1.2.7

Apple CUPS 1.2.8

1.2.8

Apple CUPS 1.2.9

1.2.9

Apple CUPS 1.2.10

1.2.10

Apple CUPS 1.2.11

1.2.11

Apple CUPS 1.2.12

1.2.12

Apple CUPS 1.3 b1

1.3

Apple CUPS 1.3 release candidate 1

1.3

Apple CUPS 1.3 release candidate 2

1.3

Apple CUPS 1.3.0

1.3.0

Apple CUPS 1.3.1

1.3.1

Apple CUPS 1.3.2

1.3.2

Apple CUPS 1.3.3

1.3.3

Apple CUPS 1.3.4

1.3.4

Apple CUPS 1.3.5

1.3.5

Apple CUPS 1.3.6

1.3.6

Apple CUPS 1.3.7

1.3.7

Apple CUPS 1.3.8

1.3.8

Apple CUPS 1.3.9

1.3.9

References

SUSE-SR:2009:002

32962

33101

33111

33568

http://svn.easysw.com/public/cups/trunk/CHANGES-1.3.txt

http://www.cups.org/str.php?L2974

Patch, Vendor Advisory

DSA-1677

GLSA-200812-01

GLSA-200812-11

MDVSA-2009:028

MDVSA-2009:029

[oss-security] 20081201 (sort of urgent) CVE Request -- cups (repost)

RHSA-2008:1028

32518

Patch

1021298

ADV-2008-3315

cups-cupsimagereadpng-overflow(46933)

oval:org.mitre.oval:def:10058

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.