Lucene search

[email protected]NVD:CVE-2009-0163

HistoryApr 23, 2009 - 5:30 p.m.

CVE-2009-0163

2009-04-2317:30:01

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.

Affected configurations

NVD

Node

applecupsRange≤1.3.9

applecupsMatch1.1

applecupsMatch1.1.1

applecupsMatch1.1.2

applecupsMatch1.1.3

applecupsMatch1.1.4

applecupsMatch1.1.5

applecupsMatch1.1.5-1

applecupsMatch1.1.5-2

applecupsMatch1.1.6

applecupsMatch1.1.6-1

applecupsMatch1.1.6-2

applecupsMatch1.1.6-3

applecupsMatch1.1.7

applecupsMatch1.1.8

applecupsMatch1.1.9

applecupsMatch1.1.9-1

applecupsMatch1.1.10

applecupsMatch1.1.10-1

applecupsMatch1.1.11

applecupsMatch1.1.12

applecupsMatch1.1.13

applecupsMatch1.1.14

applecupsMatch1.1.15

applecupsMatch1.1.16

applecupsMatch1.1.17

applecupsMatch1.1.18

applecupsMatch1.1.19

applecupsMatch1.1.19rc1

applecupsMatch1.1.19rc2

applecupsMatch1.1.19rc3

applecupsMatch1.1.19rc4

applecupsMatch1.1.19rc5

applecupsMatch1.1.20

applecupsMatch1.1.20rc1

applecupsMatch1.1.20rc2

applecupsMatch1.1.20rc3

applecupsMatch1.1.20rc4

applecupsMatch1.1.20rc5

applecupsMatch1.1.20rc6

applecupsMatch1.1.21

applecupsMatch1.1.21rc1

applecupsMatch1.1.21rc2

applecupsMatch1.1.22

applecupsMatch1.1.22rc1

applecupsMatch1.1.22rc2

applecupsMatch1.1.23

applecupsMatch1.1.23rc1

applecupsMatch1.2b1

applecupsMatch1.2b2

applecupsMatch1.2rc1

applecupsMatch1.2rc2

applecupsMatch1.2rc3

applecupsMatch1.2.0

applecupsMatch1.2.1

applecupsMatch1.2.2

applecupsMatch1.2.3

applecupsMatch1.2.4

applecupsMatch1.2.5

applecupsMatch1.2.6

applecupsMatch1.2.7

applecupsMatch1.2.8

applecupsMatch1.2.9

applecupsMatch1.2.10

applecupsMatch1.2.11

applecupsMatch1.2.12

applecupsMatch1.3b1

applecupsMatch1.3rc1

applecupsMatch1.3rc2

applecupsMatch1.3.0

applecupsMatch1.3.1

applecupsMatch1.3.2

applecupsMatch1.3.3

applecupsMatch1.3.4

applecupsMatch1.3.5

applecupsMatch1.3.6

applecupsMatch1.3.7

applecupsMatch1.3.8

References

lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html

secunia.com/advisories/34481

secunia.com/advisories/34722

secunia.com/advisories/34747

secunia.com/advisories/34756

secunia.com/advisories/34852

security.gentoo.org/glsa/glsa-200904-20.xml

wiki.rpath.com/Advisories:rPSA-2009-0061

www.cups.org/articles.php?L582

www.cups.org/str.php?L3031

www.debian.org/security/2009/dsa-1773

www.redhat.com/support/errata/RHSA-2009-0428.html

www.redhat.com/support/errata/RHSA-2009-0429.html

www.securityfocus.com/archive/1/502750/100/0/threaded

www.securityfocus.com/bid/34571

www.securitytracker.com/id?1022070

www.ubuntu.com/usn/usn-760-1

bugzilla.redhat.com/show_bug.cgi?id=490596

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for NVD:CVE-2009-0163

centos2 ubuntu1 cve1 nessus23 openvas49 redhat2 veracode1 seebug2 prion1 debiancve1 ubuntucve1 debian1 cvelist1 oraclelinux2 osv1 fedora4 slackware1 gentoo1 freebsd1 securityvulns3 suse1