7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.864 High
EPSS
Percentile
98.3%
The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
An integer overflow flaw, leading to a heap buffer overflow, was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image-converting filters, “imagetops” and “imagetoraster”. An attacker
could create a malicious PNG file that could, potentially, execute
arbitrary code as the “lp” user if the file was printed. (CVE-2008-5286)
CUPS users should upgrade to these updated packages, which contain a
backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc64 | cups-libs | < 1.1.17-13.3.55 | cups-libs-1.1.17-13.3.55.ppc64.rpm |
RedHat | any | ppc | cups-devel | < 1.1.17-13.3.55 | cups-devel-1.1.17-13.3.55.ppc.rpm |
RedHat | any | ppc | cups-libs | < 1.1.17-13.3.55 | cups-libs-1.1.17-13.3.55.ppc.rpm |
RedHat | any | ppc | cups | < 1.1.17-13.3.55 | cups-1.1.17-13.3.55.ppc.rpm |