Debian DSA-2354-1 : cups - several vulnerabilities

Petr Sklenar and Tomas Hoger discovered that missing input sanitising in the GIF decoder inside the CUPS printing system could lead to denial of service or potentially arbitrary code execution through crafted GIF files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Mandriva Update for cups MDVSA-2011:146 (cups)

Check for the Version of cups OpenVAS Vulnerability Test Mandriva Update for cups MDVSA-2011:146 cups Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVE-2011-3170

The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...

CVE-2011-3170

The CVE-2011-3170 issue affects CUPS 1.4.8 and earlier, where gif_read_lzw in filter/image-gif.c mishandles the first code word in an LZW stream, causing a heap-based buffer overflow that could allow remote code execution via a crafted GIF. Related CVE-2011-2896 concerns the LZW decompressor simi...

CVE-2011-3170

The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...