5.8
CVE-2008-1373
- EPSS 2.17%
- Veröffentlicht 04.04.2008 00:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:36
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Easy Software Products ≫ Cups Version1.3.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.17% | 0.799 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 6.5 | 6.4 |
AV:A/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/29603
http://secunia.com/advisories/29634
http://security.gentoo.org/glsa/glsa-200804-01.xml
http://www.ubuntu.com/usn/usn-598-1
http://secunia.com/advisories/29573
http://secunia.com/advisories/29655
http://secunia.com/advisories/29750
http://www.mandriva.com/security/advisories?name=MDVSA-2008:081
http://www.redhat.com/support/errata/RHSA-2008-0192.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00091.html
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00105.html
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00003.html
http://secunia.com/advisories/29630
http://secunia.com/advisories/29659
http://secunia.com/advisories/31324
http://www.debian.org/security/2008/dsa-1625
http://www.redhat.com/support/errata/RHSA-2008-0206.html
http://secunia.com/advisories/29661
http://wiki.rpath.com/Advisories:rPSA-2008-0136
http://www.cups.org/str.php?L2765
http://www.securityfocus.com/archive/1/490486/100/0/threaded
http://www.securityfocus.com/bid/28544
http://www.securitytracker.com/id?1019739
http://www.vupen.com/english/advisories/2008/1059/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41587
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11479