4.3

CVE-2008-1722

Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CupsCups Version1.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2% 0.782
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/30717
http://www.novell.com/linux/security/advisories/2008_13_sr.html
http://secunia.com/advisories/31324
http://www.debian.org/security/2008/dsa-1625
http://secunia.com/advisories/29809
http://secunia.com/advisories/29902
http://secunia.com/advisories/30078
http://secunia.com/advisories/30190
http://secunia.com/advisories/30553
http://secunia.com/advisories/32292
http://www.cups.org/str.php?L2790
Patch
http://www.gentoo.org/security/en/glsa/glsa-200804-23.xml
http://www.kb.cert.org/vuls/id/218395
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:170
http://www.osvdb.org/44398
http://www.securityfocus.com/bid/28781
http://www.securitytracker.com/id?1019854
http://www.ubuntu.com/usn/usn-606-1
http://www.vupen.com/english/advisories/2008/1226/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41832
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8768
https://rhn.redhat.com/errata/RHSA-2008-0498.html
https://usn.ubuntu.com/656-1/
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00068.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00081.html