4.3
CVE-2008-1722
- EPSS 2%
- Veröffentlicht 10.04.2008 19:05:00
- Zuletzt bearbeitet 16.06.2026 22:52:21
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2% | 0.782 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/30717
http://www.novell.com/linux/security/advisories/2008_13_sr.html
http://secunia.com/advisories/31324
http://www.debian.org/security/2008/dsa-1625
http://secunia.com/advisories/29809
http://secunia.com/advisories/29902
http://secunia.com/advisories/30078
http://secunia.com/advisories/30190
http://secunia.com/advisories/30553
http://secunia.com/advisories/32292
http://www.cups.org/str.php?L2790
http://www.gentoo.org/security/en/glsa/glsa-200804-23.xml
http://www.kb.cert.org/vuls/id/218395
http://www.mandriva.com/security/advisories?name=MDVSA-2008:170
http://www.osvdb.org/44398
http://www.securityfocus.com/bid/28781
http://www.securitytracker.com/id?1019854
http://www.ubuntu.com/usn/usn-606-1
http://www.vupen.com/english/advisories/2008/1226/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41832
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8768
https://rhn.redhat.com/errata/RHSA-2008-0498.html
https://usn.ubuntu.com/656-1/
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00068.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00081.html