Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-3170HistoryAug 19, 2011 - 5:55 p.m.
CVE-2011-3170
2011-08-1917:55:00
Debian Security Bug Tracker
security-tracker.debian.org
10
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.557 Medium
EPSS
Percentile
97.6%
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.5.0-8 | cups_1.5.0-8_all.deb |
| Debian | 11 | all | cups | < 1.5.0-8 | cups_1.5.0-8_all.deb |
| Debian | 10 | all | cups | < 1.5.0-8 | cups_1.5.0-8_all.deb |
| Debian | 999 | all | cups | < 1.5.0-8 | cups_1.5.0-8_all.deb |
| Debian | 13 | all | cups | < 1.5.0-8 | cups_1.5.0-8_all.deb |
Related
openvas
openvas
Debian Security Advisory DSA 2354-1 (cups)
2012-02-11 00:00:00
Ubuntu Update for cups USN-1207-1
2011-09-16 00:00:00
Debian Security Advisory DSA 2354-1 (cups)
2012-02-11 00:00:00
debian
debian
[SECURITY] [DSA 2354-1] cups security update
2011-11-30 17:39:49
[SECURITY] [DSA 2426-1] gimp security update
2012-03-06 18:46:58
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : cups, cupsys vulnerabilities (USN-1207-1)
2011-09-15 00:00:00
Debian DSA-2354-1 : cups - several vulnerabilities
2011-12-01 00:00:00
Mandriva Linux Security Advisory : cups (MDVSA-2011:147)
2012-09-06 00:00:00
ubuntucve
ubuntucve
ubuntu
ubuntu
CUPS vulnerabilities
2011-09-14 00:00:00
GIMP vulnerability
2011-09-22 00:00:00
cve
cve
prion
prion
checkpoint_advisories
checkpoint_advisories
Apple CUPS gif_read_lzw Heap Buffer Overflow (CVE-2011-3170)
2011-12-20 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: pl-5.7.11-7.fc14
2011-09-08 07:10:16
[SECURITY] Fedora 15 Update: pl-5.10.2-5.fc15
2011-09-08 07:07:27
[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15
2011-08-26 19:12:30
redhat
redhat
(RHSA-2011:1635) Low: cups security and bug fix update
2011-12-06 00:00:00
(RHSA-2012:0302) Low: cups security and bug fix update
2012-02-21 00:00:00
(RHSA-2012:1180) Moderate: gimp security update
2012-08-20 00:00:00
securityvulns
securityvulns
[USN-1214-1] GIMP vulnerability
2011-09-26 00:00:00
gimp memory corruption
2011-09-26 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 01:07:09
oraclelinux
oraclelinux
cups security and bug fix update
2011-12-14 00:00:00
cups security and bug fix update
2012-03-01 00:00:00
gimp security update
2012-08-20 00:00:00
debiancve
debiancve
CVE-2011-2895
2011-08-19 17:55:00
CVE-2011-2896
2011-08-19 17:55:00
centos
centos
gimp security update
2012-08-20 16:23:59
gimp security update
2012-08-20 15:14:54
osv
osv
gimp - several
2012-03-06 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2012-07-09 00:00:00
GIMP: Multiple vulnerabilities
2012-09-28 00:00:00
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.557 Medium
EPSS
Percentile
97.6%
Related for DEBIANCVE:CVE-2011-3170