Lucene search

[email protected]NVD:CVE-2008-3641

HistoryOct 10, 2008 - 10:30 a.m.

CVE-2008-3641

2008-10-1010:30:03

CWE-399

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.92 High

EPSS

Percentile

99.0%

JSON

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

Affected configurations

NVD

Node

applecupsRange≤1.3.8

applecupsMatch1.1

applecupsMatch1.1.1

applecupsMatch1.1.2

applecupsMatch1.1.3

applecupsMatch1.1.4

applecupsMatch1.1.5

applecupsMatch1.1.5-1

applecupsMatch1.1.5-2

applecupsMatch1.1.6

applecupsMatch1.1.6-1

applecupsMatch1.1.6-2

applecupsMatch1.1.6-3

applecupsMatch1.1.7

applecupsMatch1.1.8

applecupsMatch1.1.9

applecupsMatch1.1.9-1

applecupsMatch1.1.10

applecupsMatch1.1.10-1

applecupsMatch1.1.11

applecupsMatch1.1.12

applecupsMatch1.1.13

applecupsMatch1.1.14

applecupsMatch1.1.15

applecupsMatch1.1.16

applecupsMatch1.1.17

applecupsMatch1.1.18

applecupsMatch1.1.19

applecupsMatch1.1.19rc1

applecupsMatch1.1.19rc2

applecupsMatch1.1.19rc3

applecupsMatch1.1.19rc4

applecupsMatch1.1.19rc5

applecupsMatch1.1.20

applecupsMatch1.1.20rc1

applecupsMatch1.1.20rc2

applecupsMatch1.1.20rc3

applecupsMatch1.1.20rc4

applecupsMatch1.1.20rc5

applecupsMatch1.1.20rc6

applecupsMatch1.1.21

applecupsMatch1.1.21rc1

applecupsMatch1.1.21rc2

applecupsMatch1.1.22

applecupsMatch1.1.22rc1

applecupsMatch1.1.22rc2

applecupsMatch1.1.23

applecupsMatch1.1.23rc1

applecupsMatch1.2b1

applecupsMatch1.2b2

applecupsMatch1.2rc1

applecupsMatch1.2rc2

applecupsMatch1.2rc3

applecupsMatch1.2.0

applecupsMatch1.2.1

applecupsMatch1.2.2

applecupsMatch1.2.3

applecupsMatch1.2.4

applecupsMatch1.2.5

applecupsMatch1.2.6

applecupsMatch1.2.7

applecupsMatch1.2.8

applecupsMatch1.2.9

applecupsMatch1.2.10

applecupsMatch1.2.11

applecupsMatch1.2.12

applecupsMatch1.3b1

applecupsMatch1.3rc1

applecupsMatch1.3rc2

applecupsMatch1.3.0

applecupsMatch1.3.1

applecupsMatch1.3.2

applecupsMatch1.3.3

applecupsMatch1.3.4

applecupsMatch1.3.5

applecupsMatch1.3.6

applecupsMatch1.3.7

References

lists.apple.com/archives/security-announce/2008/Oct/msg00001.html

lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html

secunia.com/advisories/32084

secunia.com/advisories/32222

secunia.com/advisories/32226

secunia.com/advisories/32284

secunia.com/advisories/32292

secunia.com/advisories/32316

secunia.com/advisories/32331

secunia.com/advisories/33085

secunia.com/advisories/33111

secunia.com/advisories/33568

sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1

support.apple.com/kb/HT3216

support.avaya.com/elmodocs2/security/ASA-2008-470.htm

www.cups.org/articles.php?L575

www.cups.org/str.php?L2911

www.debian.org/security/2008/dsa-1656

www.gentoo.org/security/en/glsa/glsa-200812-11.xml

www.mandriva.com/security/advisories?name=MDVSA-2008:211

www.redhat.com/support/errata/RHSA-2008-0937.html

www.securityfocus.com/archive/1/497221/100/0/threaded

www.securityfocus.com/bid/31681

www.securityfocus.com/bid/31688

www.securitytracker.com/id?1021031

www.vupen.com/english/advisories/2008/2780

www.vupen.com/english/advisories/2008/2782

www.vupen.com/english/advisories/2008/3401

www.vupen.com/english/advisories/2009/1568

www.zerodayinitiative.com/advisories/ZDI-08-067

exchange.xforce.ibmcloud.com/vulnerabilities/45779

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666

usn.ubuntu.com/656-1/

www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html

www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.92 High

EPSS

Percentile

99.0%

JSON

Related for NVD:CVE-2008-3641

ubuntucve1 securityvulns2 zdi1 prion1 veracode1 cve1 checkpoint_advisories1 cvelist1 debiancve1 openvas46 nessus22 slackware1 freebsd1 oraclelinux1 redhat1 debian1 centos1 osv1 gentoo1 ubuntu1 fedora5