4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
85.3%
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
An integer overflow flaw leading to a heap buffer overflow was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image converting filters “imagetops” and “imagetoraster”. An attacker could
create a malicious PNG file that could possibly execute arbitrary code as
the “lp” user if the file was printed. (CVE-2008-1722)
All CUPS users are advised to upgrade to these updated packages, which
contain backported patch to resolve this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | x86_64 | cups-libs | < 1.1.17-13.3.53 | cups-libs-1.1.17-13.3.53.x86_64.rpm |
RedHat | any | ppc | cups-libs | < 1.1.17-13.3.53 | cups-libs-1.1.17-13.3.53.ppc.rpm |
RedHat | 5 | s390x | cups-libs | < 1.2.4-11.18.el5_2.1 | cups-libs-1.2.4-11.18.el5_2.1.s390x.rpm |
RedHat | 5 | ppc64 | cups-devel | < 1.2.4-11.18.el5_2.1 | cups-devel-1.2.4-11.18.el5_2.1.ppc64.rpm |
RedHat | 5 | s390x | cups-devel | < 1.2.4-11.18.el5_2.1 | cups-devel-1.2.4-11.18.el5_2.1.s390x.rpm |
RedHat | 4 | s390 | cups | < 1.1.22-0.rc1.9.20.2.el4_6.8 | cups-1.1.22-0.rc1.9.20.2.el4_6.8.s390.rpm |
RedHat | 5 | ppc | cups-devel | < 1.2.4-11.18.el5_2.1 | cups-devel-1.2.4-11.18.el5_2.1.ppc.rpm |
RedHat | 5 | s390 | cups-libs | < 1.2.4-11.18.el5_2.1 | cups-libs-1.2.4-11.18.el5_2.1.s390.rpm |
RedHat | 4 | ppc | cups-libs | < 1.1.22-0.rc1.9.20.2.el4_6.8 | cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.ppc.rpm |
RedHat | 4 | ia64 | cups | < 1.1.22-0.rc1.9.20.2.el4_6.8 | cups-1.1.22-0.rc1.9.20.2.el4_6.8.ia64.rpm |